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MULTI-STEP DIGITAL SIGNATURE METHOD AND SYSTEM 

Public key cer-tif icates- are electronic documents 
■ * * ■ ~j 

signed by a jtrusted. issuer and. used to', attest to the 

binding of "-4 user's -name; to a public key and other 
related data.. Certificates provide assurance to the 
public that the publip-key identified in the certificate 
is owne.d "by" the User ...whose, name is in- the certificate. 
Major- ^standards which describe public key certificate 
systems ^ .irialude^ ITU-T X.509 The Directory 
Authentication Framework, and American Bankers 
^Association ANSI X9.30-Part 3: Certificate Management for 
' DSA (draft) . Many implementations impose a hierarchical 
structure in which each trusted issuer, referred to as a 
Certification Authority (CA) certifies keys for entities 
that a^e subordinate j to it. The CA affixes a digital 
' sigriatucre^ to the" eTectroni;c .vdocumenjt in a way that is 
verifiable Cpne, , _car>; : ]Drov6 "thaiS the CA signed the 
documenttj and cannot be forged, (one :can be assured to a 
high level of confidence that no one other than the CA 
signed the document) . For example, at the top of the CA 
hierarchy there may be relatively few "root" CAs, perhaps 
one per country which certify subordinate CAs. Below the 
root CAs in the hierarchy, high level CAs (perhaps banks) 
certify lower level CAs beneath them (e.g., companies), 
whiph/'in turn sign individual user certificates . 

A C]U s signature becomes more valuable as it creates 
a largie .-^hierarchy of users beneath X% and uses its 
signature key to sign the certificates ; df both the high- 
value users and subordinates CA's. The CA/ s signature key 
then also 1 becomes a more likely targetv.^for terrorists, 
criminals'- bent on economic gain, and foreign military and 
espionage * 'services bent on economic spying or de- 
stabilising the economy via information warfare. All 
these issues also apply with equal force to keys used to 



sign electronic representations of; money .... 

Thus far, the " need for security of a CA's private 
signature ; key has : - been addressed by - providing a 
"certificate signing unit " (CSU) , which is .-.a tamper-proof 
secure" module' satisfying standards set forth in, Federal 
Information Processing . Standard " (FIPS) PUB 140-1, level 
3 or -4 as issued fay the U.'S\ Dept. of --Commerce, National 
Institute of Standards and .'Technology WIST) . Such a CSU 
generates its-- public /private -signature key pair 
internally; "confines-''* the 1 : 'private signature key securely 
and' permanent ly inside- ah kea of -the device that cannot 
be " read Externally, -and -outputs ■ 6nly~ the corresponding 
public" ? key , * -which will -be used to- -verify. . its signatures . 
One CSU available from Bolt, Baranek,- " and Newman of 
Bdston" l z MA '(BBN 5 ) is' configured to fallow a back-up version 
or its private s'igSairure - key CO =be created using a 
--K-bf-N threshold" ^schemeV -in -which the; private key is 
sp-lit : , into -N - shares- and . placed on; small plastic 
data -keys, v each-' of : ^WHicH^'cbntains:; a; memory chip. The 
'data'-keys-'are 5 a ■■pat%hfce-d product, of Datakey, . Inc . of 
BurhsVilie : , ^ -'^'rt, ; -sh^uldo -the-.- .tCSU device be 

:? destroyea/- a' quorum^ 3of~ : 'at ; least: K*. data- keys can 
- reconstruct '-%'he* pfci-fraCe'ifcey . - • "- .s^i ? ... 
v.;.: .. .^t ' least- one 1 ma^d*- security standards body, the 
' American- 'Bankers •Associatd-on ANSI/ - X9 . Fl committee on 
Cryptographic • security ^ih-wholesale banking applications 
: has" recommended* that? CSU' s- Should be .designed to forbid 
-inyexport of "the-private Vkey from3the idevice in any form 

in order to prevent any possible -unauthorized theft and 
v -use- ; bf "the key'. This- : approach-would .require an elaborate 
' -probe'dure ' for disaster -recovery, involving the use of 
r "several '' key pairs -simultaneous iy J: Because a single key 
-wo'uia" exist" only - in- : a- single 'CSU at a, single site, the 
; los : s :: "Of ' a CSU or- of " a, site;. -would force the CA to use 

another key ' paW ift' order". "to -continue-: business . This 



would require -the CA to publicize and/or securely 
distributee several (at least two or three) public keys, 
each identified by a distinct code . number (e.g., BT01, 
BT02, -BT03),. so that users,, could continue to verify the 
1 tsignatur^s . ~-th%ts. -the- CA. : .would t . iss.u.e _ after one CSU 
(possibly containing : the private key r for BT01) had been 
destroyed... -See ^;X9. 30 -Part; ^3 concerning procedures for 
disaster reppyery-, . t . ^ t . 

■ . * An gobjept ,-.?•£ ther present -inventipp; is to provide a 
r digital ^ signing* / _ : - system c . {" signing , . system") for 
certificates -and pt^her high yalue dpcurrients (including 
v contracts, - electronic representations r .of currency, 
negotiable_:docuir)entfS , , epq . )_., witt^. improved security and 
-,f lexibility . ;r^r: ; • r — ■> 0 

^ ; .A, further : object.- of ,t : he present , ^invention is to 
£ -provide a s£gning r r&ystem in „ which r a ■„ digital signature 
: yerif iably - re^late^-cto - a signature key, ^nd in which no 
'^single .'signing "^deyice^needs to contain, the. signature key 
r during the/ .document signing.- operation . , , - 
.. .-ii'; A further - object-., -of , ; the, ^prjssjept . invention is to 
' : provide as signing system which permits., Iq^s or compromise 
c of/ one-, j r or -j :more;;osigning- devices ...... ,wljile maintaining 

available , un- compromised signiiag, services . 
r-? r :± A f urtherii ofej.eg:fe o,f v: th^. - present invention is to 
provide:. ^ & sigjii&g:. : . sYst^m :3 in.. - jwhijch^ multiple .signing 
devices:- .:ea.eh" vereatey j x vipodif y , ^ or/ r c^njb.irie one or more 
^partial : ;signaturersr, : :; and the : ... aresult, : operations by 
^ *mu>ltiple .-*-:• signing^ :! devi : Ges r ; -produces . tl a. ...single digital 

i "signature . r . . v-^ ,- >:5 . . . - -..-- t . ~. :. 
"* /: A hf urther -<pbj.-e5t- r . ,of t.h^ x - present .invention is to 
: -provide a* signing system ;in which multiple authorizing 
^agents, direct ly:. or . i-ndixt^tl.y ,authQri2,e c: |ach individual 
"-signing d^yicerto. -af f ix c oj: mpdif y r a partial signature. 

e ;-; "A bf.urther? .robj.ect : of-. the-, pre^.en.^ .invention is to 
-provide j a :xob\jst T and- easy-to-use. jn^chanism .in which 



authorizing* agents can temporarily . delegate their 
authorizing capability. . - ; i 

- . The. "mult irsfcep. .signing system described here uses a 
public key - cryptosystem approach to sign, ran electronic 
document such thats a recipient of the document can verify 
the 'signature'-: using a. : public, verification key of the 
signer,-.: .The private signature.; key which corresponds to 
• the public -verification key ris not permitted to exist in 
"whole, -available -form:. in t . ..one pla.ce-jat any time during 
normal signing., operations . Instead,.: a private signature 
keyf consists of .: .. ."operational: .shares? which can be used 
-■•to- affix -or - modify a partial .signature,. and sequential 
operation^ of -multiple-; shares- produces a .signature that 
'can-be verified -'Using. the public verification key. The 
.jf.u-1-1 signature'' • is:. ,noUx :completed ~ •until e ;all , or some 
iquorum, of-^the, signing^ devices hav^ signed.,; Each signing 
device r inrturn requires authorization . from all, or some 
^quoriim^'ofi itsr> associated" ^authorizing agents before 
..part icipating in. the : signature . process : > 
i \ . .■ - xif.y during ../the * initial generation..; of operational 
' shares',: a" whole signatures-key is . generated, the whole 
^signature- key;v^isv.dest-royed after shares are distributed. 
-Because the .r±sk ;:of loss::from . Lthe theft - ; or. compromise of 
any one device is now greatly reduced, - t-he information 
-content ,of. te-achicsigni^g- device can be now duplicated 
c ( e . g.:-v. '£or remote ; backup; ;or-j f orr a., plug-in ^replacement or 
i»hot" -standby)*- sarthat: if::" any device v f alls , it can be 
replabed" 7 *.=(.or v reconstituted)- viand seryice can resume 
auickly. The consequence of subversion of any individual 
^'signing ^device - is^ lowered-.,; because;, the signing operation 
cannot be completed ;.with ;a ^single, device. . 

tA mult i- layered.. authorization management system is 
.-'established, /such that each- signing device, has registered 
within- - it^'-'a number ,of_! individuals = : lor - .external smart 
cards used by designated individuals) , and the-, signing 



device participates in- the- 1 'signing operation only upon 
authorization from a quorum of^ registered individuals. 
A- quorum of these: individuals (called authorizing agents) 
are . - also required .to ^authorize /changes to the system, 
such— -as registering additional authorizing agents, 
"deleting ^'authorising ; -.agents/. altering; the quorum 
requirements:- for ~ any of' the varrious . actions that the 
signing, -devices-; can'? perform-,., or* -generating and 
distributing additional ^023 JsubsJtitute Jfeyf-sets. 

^In -this way f -a- signature Tcan '.be applied that .can be 
^verified: using. ^.pubMc "verification key ,;: but no private 
signature; key exists at .a. single locat ion< where it may be 
Subject to ; compromise, ox: catastrophe. -.^-. Multiple sites 
muSt—f^ail "or :be compromised- be£ ore interrupting signing 
services c'-^or . before;;, .ana .i adversary^ ^cquia?es sufficient 
information tc forge- : signatures ..-Individual signing 
device-s^-need nbt^ be 1 as::, be . as highly ise cure for a CSU 
; usSihg ■ a -s ingle> 4*ho:ike\ key;.* A: orelati^e;ly inexpensive 
device meeting^the",? standards q£;EM>S: 14 Or 1 /.level 3 may be 
-iised L {i^e.i, a! devices tthat.: is Stamper resistant)// thus 
■avoiding the. rteed^Gorruse a /relatively -expensive level 4 
^device (which^ ta^esT?..factive^:rjhea^ures*.- .tp destroy or 
saf eguairdi ; - -iiWMrnaao 1 in-f onriat i-orr ^when; 1 1 amper ing i s 

• <iete*c ted}?. w - "^ £^ 5^i:vv?r ^r:o 

'"- Ah : ■"■ aut-hcDr-i2Strio^-*:?delegation mechanism al'lows an 
authorizing-'- ag^nt^rj^r^-J let..^r.az delegate^ or quorum of 
'dei'egartesv authorize -hrs^. smarLt;i.>csrd" -tro* 1 - affix his/her 
-'sigfiaturer during ^temporary periods of time. 

* ^The:> invention* will-.* be; descrit^edj belpw^with reference 
to--' attached drawirigswihrr which r. r ; ; -;rr.6^ 

•* c ^'Figure 1- ~ -illustrates: - an ' t.. overview of a basic 
-architecture * -■ ffcr- -= ana.: operational ./.signing system in 

* -a c coir dance -wi thn the :; present invent ioni; : j i 



Figure 2 shows a preferred architecture for a data 
.center haying a- signing^ device ; rv - 

Figure -3 illustrates a .preferred architecture for a 
trusted; device used_byan authorizing agent; 

Figure 4 : illustrates a - process-, for temporarily 
certifying-* uninitiated^ /signing -devices , during system 
startup, and:, initialisation; 
i Figure 5. illus txate;S; -»a process ,for:. generating and 

distributing operational,, shares of i_.^ja system wide 
-.'authority key:; a;'^^.-; . r~'$ - 

Figure 6 illustrates..--* ^.multi-step -signature 
r: procedure for .-recertifying a 'signing device; 

Figure 7 shows an overall .system; architecture for 
'--cei^t-ifyin^and ^regist^-rrhg authorizing agents; 
^ i ? figure - - 8"' illustrates':-', a * .multi-step signature 
procedure - usitfg 'authorizing ^agents ;* .-J";-: /: : 

Figure 9 illustrates the flow of a document through 
various authorizing agents and signing devices during 
routine multi-step signature operations; 

figure 10 illustrates the evolution of signatures on 
a document during routine multi-step signature 
operations ; 

Figure 11 illustrates th'e flow of a document during 
a parallel embodiment of the Multi-Step Signing System; 

Figure 12 illustrates the processing of one of the 
copies, and the combination of the three partial 
signatures into the system wide authority signature; 

Figure 13 illustrates a command for deleting an 
authorisation agent ; 

Figure 14 illustrates a command adding an 

authorising agent; 

Figure 15 illustrates a first sample request; 

Figure 16 illustrates a second sample request; 

Figure 17 illustrates a third sample request; 

Figure 18 illustrates a fourth sample request; 

Figure 19 illustrates a sample instruction which 
includes a command and a certificate; 

Figure 20 illustrates a message for removing a 

signing device; 



1 

Figure 21A illustrates a sample request to a sending 
device to copy its key share (s) ; 

"^Figure 21B illustrates a ^ sample - ^message from a 
sending device to- a receiving device; 

- Figure' 22". illustrates^' encryp-ting stored key share; 

Figure 23 * illustrates a ; process for. generating and 
distributing ? encrypted key -shares and shares of 
decryption keys; - ' ;.v . ; *.. .v 

Figure 24 illustrates- an .interlocking ring 
architecture; and - " 0 

Figure -25 illustrates :a-; request * fov, a substitution 
certificate.^"-?'' r:^ i..';r ■ " ?:L^..t 

The" .-.most ■ direct o®qpl.ajaati.On / „pf ;the multi-step 
signature ^method rbegins with a a ^-discussion of , several 
relevant: mathematical::proces§e3 . . r . rq 



A . 'Multiplicative Scheme with Sequential "Partial Signing 
~ ' First; "a secret 'signature key' "KSWA" of a 
public/private key pair' belonging 'to a "system-wide 
authority" is" represented as number ("riO") of shares 
("ai") in such a way that the signature key KSWA can be 
computed as the product of * any threshold number ("to") of 
shares, "where to is *" less-than-br-equal-to no. The 
representation is done" such that "it is" difficult or 
impossible ' to recover the signature key K SWA when 
possessing fewer than £6 "''shares! * : This can be 
accomplished by/ for example T) using a Shamir- type 
secret sharing scheme"' (A*. 'Shamir, '"How to Share a 
Secret Communications^ of the ACM , Nfov . 1'979, V. 22, n. 
11) , ~ 2) using "a Blak ley' -type secret* sharing scheme (G. 

"BlakleyV" "Safeguarding "Cryptographic Keys," 
Proceedings ' of the National ^ Computer " Conference, 1979, 
American Federation" ok * Information Processing Societies, 
V. * 4 8'V" t i979/ pp. 242 - 26*8 )j V) factoring 1 the key; or 4) 
'generating the key as" a - product 'of known'' factors . All 
that "is necessary is ~ t'fiat "the' private "key "is represented 
as: f 

K- S wa = a^* ' a 2 "+ . . . *"a t2 (mod '2N)' 

where* ~K SWA is tfie : signature Tcey and' a, are any combination 
of to shares . 

Second, a signature is formed using multiple devices 
by*' haVin^^^ 1 partial signature 

^left. by a - prior device, "using one share ai of the private 
key. When ' using ""modulo" N" arithmetic (wherein an 
arithmetic operation concludes* by dividing the result by 
a modulus N and taking the v remainder " ks - the modulo N 
result) , the ' following relationship between 
multiplication of" expohen'ts' and sequential exponentiation 
is true : 

^iiw^ 2) f- ( - mod ' N) -* ;T ^x**?* 2 ) r (hok'm ' « " ( '(x* 2 ) aV ) '(^od N) 

Stated another way,' if a" base value x'is exponentiated by 



the product of two factors al and a2 , the ^result is the 
same as if the base were exponentiated by a first factor 
al # and that result exponentiated by the second factor 
a2 . Furthermore, the order of exponentiation may be 
reversed, so that the result will be the same if the base 
is first exponentiated .by the second factor a2 , and that 
result exponentiated^ by the first factor al. This 
relationship can be generalized to exponentiation by 
three or more factors. Unless stated _ otherwise, all 
.arithmetic .operations are to be considered modulcrN. 

.In the multi-step, signature method, ' shares of a 
signature key a x , a 2 , a n? are distributed to separate 

devices. A first device affixes, a partial signature to 



a document by hashing, .the; document (the symbol "H" will 
be used to designate . the result - of , the hash operation) 
and, exponentiating the hash ^s: 
first partial sign^tifre = . (H) a \ [mod N) 

A second device advances the signature by exponentiating 
the first partial signature using a second share a2 as: 
second partial .signature ' = UH) al ) a2 (mod NT 
The process repeats until "tO" devices have exponentiated 
the hash us4,ng ..each of "tO" separate shares , to produce 
a final signature that can be verified using the public 



K SWA ' 



B. Additive Scheme with Asynchronous Partial Signing 

r — — T. — l-mtb ->-i.v:^ r ~:si- — M * 

An alternative way t.o accomplish a similar result 
involves dividing.^ the ^ private T key of the signing 
authority Into, shares which can be added (modulo N) to 
yield ,the private key - 
=,. ^i. .+ a 2 + , v .. a c (mod N) 

.This in turn permits the multi-step^ signing to be 
performed an in an asynchronous manner by separately 
generat ing intermediate values (H) ai by .exponent i at ing the 
hash by each of .the shares, and then multiplying the 



resulting intermediate values, such as the following: 
S = H al * H a2 * ... H a3 (mod N) 

This can ^ have, , considerable operational advantages 
over the sequential method .described .above , because it is 
not necessary, to rout;e Xhe message sequentially from one 
location : tq " another .. . ...Instead, ' a central administrator 

<can-;: in ; a, straightforward manner., simply send the same 
message. (,qr r hash) , directly .to each location for partial 
.signing, and then combine .the ' resulting partial 
. signatures .... to / produce . the. 'f inal'^ desired official 

: signature.,, ^ This f inal combining" operation does not 
^require any. special, security, because' it does not add any 
v information: . .not. , already contained in the partial 
-.signatures,, thus' .allowing ; the. administrator to work from 
a. • desktop - ^ • ; - Indeed Vhe J part ia'l s ignatures could 
conceivably -be eyen- be r ieft for later "combining by the 
recipient who verifies the transaction l" This burdens the 
: recipient - with . Addit^nal .processing workload, but does 
not: .-weaken.-.the security ^ of .the official signature. 

- : .-Signature schemes... based on exponentiation which can 
,be modified to, ■, permit .'mult i - step signing include : R . 
- .kves^ AvJihat^ 0 Vn4 .l7 A^l4^an ("RSA"5, "A method for 
.Obtaining, . ^M^i^rto^^V^^ ' ' Public Key 

: Cryp tosys terns , ; '■' Communications of ? the ACM , v . 2 1 , n . 2 , 
, ;PP> 12-0- 126 , ; : February 19/7_8 >7 D. Kravitz : , "Digital Signature 
, Algorithm k-J^^Cz-Rf^ ,-??. te ^' No.. 5^'23i;6€8; . ISestnet, Y. 
-, ~Frankel 7 , a - : •JThresho f id r , .^Crypto systems , CRYPTO ' 89 , 
pp. 307-15, 1989; Taher ^El-Gamai; "A Public Key 
Qryptosystem, and ^Signature 'scheme 'fcased on Discrete 
; liogari thms " \ S.? El _-Gam,al_ s Signature Algorithm"), IEEE 
transactions - 5 pn .Information Theory, Vol. IT-31, No. 4, 
ij ul . v . ,.1.985 . a S , . Micali ,. ; }k Secure ~ and Efficient Digital 
; r -Signature,.'.' .System, »_.. ! ; MIT/tcs7TM-5bl , Massachusetts 
.Institute; of technology , ^Lab?^ at or 'for Computer Science, 
March 1994;. ,A % -Merjeize.s'. et." ailT 7 " - Elf'ipt ic Curve Public Key 
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Crypto System^," 1993. " 

SYSTEM OVERVIEW - • 
- Figure 1 illustrates in : overview of an architecture 
for a " signirig,.. ..system ' in accordance- with the present 
invention. The'" architecture includes- -multiple signing 
devices 15/' 17 ; 19- interconnected: by a wide are^ 

network (WANT or l'ocal :: area network . Individual 

signing devices' , c: 1^, 15',- 17 13- * are dispersed 
geographically as wiidfeiy- as : the WAN/IAN permits > ti such as 
in separate 'continent's , separate'" : citeS -<or at least in 
separate' parts' of " a' Wingl : e ): metropolitan -.area. 

"in Figure 1"/ £ S'ighing : -Device - 2 = has. been illustrated 
in greater detail as' ^acrr example r E'aeh- signing device is 
assigned a ; permaneht e identif ica£ion 'code (e.g. , unique 
serial number) arid a* lbgica : l nanie (e vg Signing Device 
X" ) , along with**' a f>tibl J ir /private device* key pair 12a, 
12b, % for ~ encrypti:^^^^ communications and a 

separate "public /private ' device : -key '•*pa:£r. 14a, 14b, for 
verifying/ sigh^nV I rv; addition, each signing 

device deceives the public' encryption keys 16 and public 
verification keys l l 8' '^f or all iothkr signing devices. 

HereafVeVT'encr^ are designated 

as "KE/ 1 while 0 ''^te^ljfesignkte'S' Signature/verification 
keys! A plus ' ( "U'H" superscript : indicates a public key, 
and a minus ("- *) * superscript indicates a private key. 
Subscripts ' indicate" x the s owners of =>- the*- private keys of 
respective key pkif-S - ' : ** : " • ■ * : - 4 : • • i\. 

Groups of kuthorizihg agents 23 " 9 "{2lS 9 27, 29, 31 are 
also interconnected through the- -network to one another 
and to "the si§riin'ig 'devices ,- ' 13V :: ^5 r , 17, 19. Each 
authorizing agent' Ts''"' 1 ^ person -acting-^fhrough a trusted 
computer device ( such : ¥s ? "'a : 't amp ! er - re si st ant smart card, 
or other trusted He<^Lce : ) ;,L a-s will '"be- discussed more fully 
below. Authorizing 1 agents may be dispersed to the full 



extent of the LAN/WAN 21, but it is assumed that groups 
of authorizing agents will.be. located in proximity to 
corresponding* signing devices at - most ■ times for the 
convenience - of ' the- 'organizat ion managing the signing 
system". • -- - :. .-- a .. z 

In- Figure 3., • Authorizing Agent -2a (item 25) has been 
illustrated by way of -example. .and using the. same notation 
for* keys a's discussed* "above in relation to keys held by 
Sighing - Device^ 2-. .: -Each authorizing . agent ' s trusted 
device " J ' is * '^assigned" ' a;; : unique name,,; along with a 
public/private device. J. , -key -pair r20a, 20b for 
encrypt infer/decrypting' communications .and a separate 
pubrfc/pr-iVate^ device:- - key , pair.. .- 22a, 22b. for 
verifying/sighing ^signatures. ; If? .the RSA public key 
cryp^osystem' is • employed"-, ,then one- su.ch--.pair could be 
used ^f or both 'signatures .and encrypt ion- r at the same time. 
Authorizing agents- ^Ibo; receive public (encryption keys 24 
and' - public .:ve.rif.ieati6nl."keys.-26 of all other authorizing 
ageh'ts"-I '■ - '■■ >•' - - ?v ' ^"~>^ ~ • -i' '- ^ 

: ■■ signing devices', also: receive the public encryption 
; key s 2 4 - : and v public s. ,-ver i f i cat ion. ~ keys 26 for all 
•"authorizing ; -sageHfcsUCv Similarly, Authorizing agents' 
"-trussed -device's- receive public; ^encryption keys 28 and 
■public -verification-keys-: 3-0: for al-1 signing devices . 

~t ■.{.-. For "ea'se r " of -explanafiion of the : multi- step signature 
"process - which' foll©wsv£:^:it.. .will be assumed that all 
cbmmuriicat'ions. on" i the /-network ; are encrypted using a 
standard -Public Kfe'y." Cryptbsystem ( "PKC" ) -., scheme , such as 
RSS-Key- transport, -lit. .wild- also be assumed that commands 
'-■sent from one networkcentity to another a-re signed by the 
sertder - using " a' .=> standard .. (.PKC)- . ; scheme, such as 
RS£ : signature with 1 MD5 message .digest.-. In future 

: '/drawings,- -device encryption/decryption . keys , and device 
signature /verification .keysimay.be omitted, but should be 
" -understood -as -present; in- all- .-devices as discussed above. 
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Figure 2 shows a preferred architecture for a secure 
data- center computer configuration 4 : 8, where each signing 
device** of Figure 1 preferably : will -be. found . In addition 
to a signing device 29, each data center- configuration 48 
-additionally-' contains a separate-, message server 47. The 
^ signing device 3 SLvis- dfcdiQated;, to, signing operations and 
is located*: in a . physically securer .location, such as a 

• Vault., ^here .is no -direct^ connect£oiV;between the signing 
device ^and the. - external- ^Qraputey ' network s As will be 

• discussed .more fully*- below, the. signing idevice 39 will be 
provided with: a -/key shaxe.jfor tjiulti-step signing 36, its 
own device signature- ckey 3 7-> : ; .-table %8 ^identif ying its 
authorizing agents^. L.atid -a. . certificate . for its public 

~ verification key 4'0..> public key- chosen . to match^ its key 
■share 3 6 ;(where":the -cextlf icat<e is; signed by the full KS swa 
.viet ~the mult-i-'Stepv method); e:r . • 

'-■:♦•* During the^imilitlrstep 1 signing. ; processes, a signing 
device 3 9 will receive requests through the message 

' serve-r'i 4-7 t ■ s Tfaei-, mes-sage', ^errv^r performs routine 
cbmmunicat'i-ori ':processes^. ^suchn.as stripping off routine 

-privacy envelopes which- » ijsay have .- been affixed by 
rn*t~ej^ediat-es. r -^the ss-errver A^r-^pes^jxot possess the signing 

- devi he ' s- private- decx^pt.ibii- rkie.y;) -v & and ^queuing the input s 

-in case they "aresi'pfesentedovfester than they: can be 
processed". -* : -The jmess3g£!;s~eryer ^presents; jnessages to the 

r signing device '^orv resigning/; receiyes rr: the signed (or 

"partially "signed) .-: result-, and ; either-. ^( : a) returns the 
partially signed, result to s the requester^: or (b) routes 
the result to the. next: -device: .-in the* protocol . -In order 

;r to : receive and : participate,: In ordinary communication 
protocols the- -message server,.; -also : v possesses a 
.public-private^-, key ; pair , 32.; 33 . : f or v .signing its own 
messages/ and:* another 3.4:/- 3'5. for encryption, to enable it 

• ; to receive and bpen encrypted, messages thereby, freeing 
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the signing device of this routine' burden without 
significantly affecting the security of the secure 
signing process\ 

The message server 47 may be a comparatively less 
secure computer "in a lower security - environment such as 
an 'ordinary 1 'secure 'data center. The " message server 4 7 
connects" 1 to the LAN/WAN 21 and provides document queuing 
and' communications * service's for the -signing device 39. 
The Message server : 47 includes a- : system 1 log 49 that 
fhaintVihs' ail "audit trail of messages =and documents sent 
to and 'from trie signing : device': 1 As shown, a signing 
device and its' associated message server preferably are 
divided into" two, ^physically 'separate computers. 
Although " leWs "preferred, : '£He -signing • : device 3 9 and 
message J serve'± 4 7 "could* " r be implemented as - separate tasks 
on "a sih§ie computer in a highly secure environment. 

" Trie " ; mes l sa'ge* server can also- provide a layer of 
prbtection/' kntfwn -is i; : a ;: "firewall ,:" that separately 
Validates' all t r ansae tibrial^ inpufis -prior to; passing them 
"bn to the ; signingr devifeesV r : Otherwi&e^ an "on-line" 
signing* ^device "acceVsrble : - ; ^to : " -a public^ network would be 
open €o Unlimited '"Kafekihg attempts, as" well as to network 
'saturation : attacks "^imed at r denial 'bf service . Denial 
"attacks 'may disrupt' dail^ certificate -issuance, but would 
not cripple users : who rely'bn previously -'signed documents 
"(which* is 'the" Vast' ^'majority :; 6f the anticipated user 
population):' Howe'v4r/ riack 5 attempts' -will always pose a 
thireat , especially" if 'hackers identify some hidden flaw. 
^Trie message server can Verify all' messages against a list 
" at authorized devic^es Ji (signing devices* and authorizing 
S a^ints), as well l ^s ; niofe complex strategies to identify 
:: pbsslble' : Attacks 1 , ~ : deriy 1 access" after-a number of failed 
1 attempts/ and und^ftake sophist icated - act-ions to track 
• down ^ the' sbuirce %F any ' false data-inputs. This will 
:: a : i j iow'thfe sighih| ; M4vice ;r s firmware to remain simpler and 



easier- - to validate, while also allowing the system 
operators, to modify., their -detection, and evasion 
strategies in accord with the .current state of network 
security. . . ; 

Figure 3., illustrates ,a working station for 
authorizing agents ^ , ^The. human operators who act as 
authorizing agents- may. work in relatively unsecured areas 
at ^desk-top -computers or terminals 51 typically found in 
a business office.. Each s.uqh computer pr . terminal will 
have ,a card ^ = rfader -. 53 , .,and each . operator will have a 
secure, "smart .card.J! 55-..._ .Each ; snjart card 55 securely 
contains., a t private .^ecr^tion key. and a private signature 
key which are., unique to that, smart card. The human 
operator can use th§,..car^ .to i?.?ue signing, instruct ions . 

-.Such a trusted, device, r .may . be implemented using a FIPS 
level-3.. : d : evice /r . suqrh .a^^an. iPower , t card from National 
Semiconductor .Corp vV -.qf S^nta ? Clara, CA, which can be 
readily reprog^amrped -fit £h£ firmware level to allow for 
progressive .evolution ...of. ney fnethpd.s. and procedures for 

^secure- signing.- . andL^ authorization, without needing to 
replace \the physical -devices^ Eaxrh authorizing agent ' s 
trusted device - mus,t > F ^h^y^e^at. .least ,3 private signature 
key,. Preferably^ Kpfc^ P^iv,ate. ; pignature key is installed 
in : : ; -the .-device,, at ■ e *tinie,.. 0 Qf . manufacturer, and the 

: corresponding-, gubl^c.. v;eri| igajtipn., key is "certified" by 
the-, manufacturer^ -Certification, here, means that the 
mapuf act-urer- *ba?. 5 inciud^d , . . with . the trusted device, an 
el,ectroni.Cc mes.sAge iT c6©taining, the device 's serial number, 
and •-public ,■ key , .along with., its mqdel number and other 

b^yicjence/.of its. trusted, characteristics, and that message 
(certificate) has h,e en .^signed by^ the. s manufacturer . 

-< ,The ; human, operators use their desk-top computers to 
read and generate messages,. When a human operator wishes 
to , sign- -.a message, the T desk- top. computer sends the 
message to. the * trusted ...device, which appends a .digital 
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signature using the 'device private signature key. In the 
preferred embodiment ,- this .'signature is the signature of 
a second signature :key pair which has been specifically 
generated for and certified as belonging to the specified 
user 1 ;' In this manner;:, the. system can continue to use the 
device's signature.:, to verify the trust level of the 
"device on- ariy' : given- transaction,: while using the user's 
signature to attest to the user's identity- and consent to 
the -transaction;- ■ - This allows: the user key to be 
generated and revoked ..: remotely , depending possibly on 
various-administrative facts •about -.the; user' s identity or 
"authority, while also -allowing the device to be reused, 
or to host several ^ other, user key pairs, which the user 
may wish to' use : "f dr* -other \ unrelated purposes . 

... ■: Figure - 3 -arso .-il-lustxates -a preferred architecture 
for a possible-' rousted i -device to be used by an 
authorizing— agentv : ^ ■ It ^comprises a single micro-chip 
encased on ^ card, in-^ai. -conf iguration known as a "smart 
-c'ar*d T"he micro. -"chip -.device has.:: input/ output circuitry 
r 4 2- : for" power->ahd comraaroic.at iojts , and -a microcontroller 44 
• for -''executing :.~fi:3nnwar.e:{tj>rogranM?>v. .Memory 52 contains 
system - firmware! -;.4 3 to. operate the , hardware of the 
microchip (similar-. to; a;;.simpPle : operating. ; system) . Memory 
52 also includes areas for storing manufacturer- installed 
^e^i^^ys' *t£s<£&:Hmrs. 47 received as part of the 

^ protocol described.' herein/ - and application firmware 49 
for ^executing the v-network: protocols described herein. 
'Additional unused memory -is provided as.a work area 54 
•fbV t'empo'rary storage as required. . ; The ; micro-chip may 
-'a Iso include an optional- "crypto- unit" -46, which is a 
-special-' purpose .arithmetic accelerator unit having 
hardware for performing . accelerated exponentiation and 
-'■-other arithmetic "operations ;. of - encryption/decryption and 
i 'ds'i^na-tMre ' processes'-. The; micro- chip, .further inc ludes an 
v: optTonal-- trusted time -vclock *4Q (assuming the presence of 
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suitable battery power)- initialised by t : he manufacture 
and useful for 'time stamping signatures. The micro-chip 
further includes an optional, random numbej generator 50 
to "bfe - used with v encrypt ion/decryptipn ^processes . The 
smart card may . also include an optional ^npise source (not 
shown)', such : as a diode, that, is .either internal or 
external' to the- micro-chip., for^use in generating random 
numbers . • $ ; ?. : 

~ f - v The signing device previously shown ; ;in Figure 2 may 
al£6 be - a > smart- card -having -the same .general design as 
the trusted ' devices, of 1. the .- authorizing^ agents . 
•* Devices in the .-.network ;will be initialized in a 
^series of:- stages as .-.follows v •; * 

- : 1 ) * encrypt ion*; key; distribution ; ■ 0i . 

2)' signing -'devxcej^'empprarYp certification; 

3 ) *^key sharei jdistribution;;, :: 

4) " signing device :reoert~if ication; and 

5) ■ -auphordzingrcagentocerti-f iqatipn.. 

: Each will'-be discussedrin turn*. . .-Fol lowing the discussion 
of system initialization;, ^fche preferred : .met hods of use 
"for-' signing '.--hrgh r ly^ v.Tsecure - certificates and other 
documents 1 - ^ will- be explained:;, ; ;; as ; . ;> well as further 
■variations " and'] enhancements;.. ; ~. . ^ ^ ; z y • - 

' i ~ ' ENGRYPT-ION KEY DISTRIBUTION 
- Each signing ^device;! ^nd ^each^authprizing agents' 
•smart -card is v assumed/ttOErbe a-" trusted device" in that it 
is a~ : tamper- resistant- idevice that- functions only in 
accord •'■ with ' stated^ . -charae^episties v and whose 
'manufacturer, -has! endowed it with : a f device signature key 
-pair and- - a * device . encryption- key .pair stored in a 
"prbt ec ted'- memory . v. At * a;.ininirnum/i the v manuf acturer of such 
a device '^will T; attest --that: ^.the:>deyice - will not divulge 
either its "< own*' or :i "its:, user' s -private., .key (s) without an 
expensive tampering effort..-. - Each device also has an 



electronic certificate, signed by the manufacturer, 
containing: 1) the device serial number; J 2) the device's 
public signature verification key; and" "3) the device's 
public encryption key. ' The manufacture may install two 
separate certificates, one for the signature verification 
key and one for the' encryption". * key . ' Signing devices 
encrypt their communications using a" public/private 
cr^.tographiV scheme. In . the alternative',' the method can 
proceed" without manufacturer certificates by providing 
physical protection for all devices, such as conducting 
the initialization "tasks in a secure vault where a small 
(notebook) computer is used in lieu of' a trusted signing 

device. _ : 

It is assumed that each trusted device begins with 
certain basic functionality, such as software conferring 
the " ability' to initiate and receive" messages through a 
network or an electronic mail system, that lets it 
communicate with .other trusted devices'. It is also 
'assumed that at least' on£ signing device, designated as 
the "lead",' deviceV is^ 'Capable 'of receiving information 
about the initial' state' of the "system from human 
* operators responsible ~'to± initializing ' tlie system. 

" The next step^ is for devices 

'to "exchange' 'device keys . r "Key "distribution proceeds as 

follows . " 1 . 

1) One signing "device', designated" as the "lead, 

receives from human"' 'operators the " identities of other 

signing 'devices' in the system. The lead device sends its 
"public ' encryption key ind public signature verification 
'key to the other* signing""' devices .'' "Optionally, the lead 
^device' may "also send''' a message "for ' '"validating the. 
"'firmware" under' wtiich it is" operating, for example, by 
"hashing its firmware, signing the' hash value using its 

device signature key' arid sending : the signed hash value to 

the other devices . 



2) After other signing devices receive the lead 
device's public encryption key, each other' signing device 
sends its .respective public signature verification key 
and public encryption key certificate (s) back to the lead 
device. If the lead device sent a hash of its firmware, 
each other signing device' 'hashes its own firmware and 
compares the two. Both "hashes must "match, otherwise, the 
respective signing device stops participating in the 
protocol and notifies its operators". This comparison of 
hash values ensures" that 'all" sighing devices use 
identical firmware, which acts as a check, that the lead 
device is not an " impostor 7 " Each" signing device 
optionally returns a 'hash of its ' respective firmware to 
the ; lead device . 

3) The lead device compares the hashes of the 
respective other devices' firmware against its own hash, 
which acts.as a check that none of" tHe other devices is 
an impostor. ^ 

All signing devices " now have : received public 
encryption and signature verification keys for the other 
devices. It will be understood that' all future messages 

will be. signed by the sender's private signature key and 

r ...fs_„.; .r. ■ • s .: is ',.r:s .v-j £. - 
verified, by the recipient using the sender' s public 

verification key. It will also be understood that all 

communications will be encrypted using the recipient's 

public encryption key and decrypted using the recipient's 

.private decryption key. 

These additional signature keys ~ are not used for 

.multi-step signing (which will be discussed below) , but 

are . used instead -for encrypting and" "signing routine 

communications among network entities' as proof of a 

device's individual identity. Such proofs of identity 

and membership in the group are of critical importance 

whjen generating and distributing the master key fragments 

for use in the actual multi-step"' protocol. 
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SIGNING DEVICE TEMPORARY CERTIFI CATION 
.-.Figure 4 illustrates temporary " certification of 
. .uninitiated" .signing, devices . During this process, 
signing device' s„ public key certificates (which were 
5 uns r igned or signed, by the device manufacturer) will be 

.replaced . by certificates signed * by a temporary 
.administrator , ("the administrator"') \ 61. The 
. . .... ; - administratpr. preferably is a human operator responsible 

. for .initializing" the system" and acting through the 
10 ... • administrator/ ^personal smart card. This temporary 
..-certification established an increased level of' security 
among signing devices (as belonging to the target group) 
, r . -for use -while, they generate signature . keys for multi-step 

-< isigning. : During actual "use, "it is anticipated that the 

15 temporary administrator would be operating with multiple 

,.,-,,huir\an witnesses to. assure correct " procedures and that 
the temporary ^certification would-be effective only for 
iX . t/ the minimal time Ja few minutes or ^hours, at most) 
...... ...necessary to, perf; orm the : "'cornp re tW 'master key generation 

.20*,. . -protocol,. • Temporary 'certification"^ as follows: 

_ ;D_ .The''./adminis^ 61 'generates a private 

signature Jcey 63 f and a corresponding public verification 

,^ _ _ 2\ _The ^administrator 61 communicates its public 
.2,5 -signature" "yerif ^icatjlon^key 6 5^ to each' of the signing 

:> . « r . devices ~H , v .13 , e 15^ i 7 7Jl? r // ~ / " ' ' 

. . ....... . 3 ) _ Each sjLgnin^ . device 11, 13, 15, 17, 19 

generates, a private signature key 67, "69, 71, 73, 75 and 
a - public, .^verification key (not shown), and sends a 

. so signature key certification request 'to "the administrator 

r -, 61--- The r , signature k.ey"^ certification request is an 
. ... . t -,.. - electronic ..message f containing the "name of the signing 
..device. (e,g.",„ a deyice se.rial number and/or a logical 
.name - ..such as/"Spi"K the\ device 'a' newly ' generated public 
35.,., , signature vexif ica t ipnj^ key ; ] and "other administrative 
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information "'as desirable. 

4) The administrator signs each certification 
request using the administrator's pirivate signature key. 

5) The administrator returns the signed signature 
key certificates 68; 70r :n 72- 74/ 76 to the respective 
signing diVices ~li', ""13,' 15, 17, 19% Sighed certificates 
68, 70, 72, 74, "'^76 are illustrated as symbols for public 
sV^Vturfe' 1 keys '(KS+T wifeh^ ^pfopriat^ c subscripts and, 
^attached ° below,' the-'" " 'administrator' s signature 

( « - - ADMIN" ) ^Sucli : "cert?if ic&teis" ■ v£ril , :vr of course , also 
include information"''' oh" divide identity and" • type (not 

shown) .* r / " 

sV "The "sigfiihg 1 "device^ " A excHange their new 
temporary public sigharture' verification 'key certificates 
among one another. 

Each* signing' " devid£ " flow v possesses : a) the 
"a,dministr^ key; b) its own 

temporary private' signature keiyV ^3) -its own temporary 
certificate, 'signed £y"ther administrator : and bearing the 
signing device's' temporary- public" signature verification 
key; " and 4 ) * "the" temporary" signature verification key 
certificated "of ' the" otlier* si^iiig^deVic-es . Each signing 
device can use the administrator 's Vef rficat ion key to 
verify the administrator's 'signature on the temporary 
certificates received" ' %rb"nT the otWeTr Wgning devices. 

Each signing device may 'now ' advance to a more 
tightly controlled '"pirase of 'the protocol by exchanging 
messages ' using ' the rj Vignature^ "keys- -that have been 
certified by the temporary admiiiistiratcrr . For ease of 
explanat ion , it wi It be ' assumed that- cbmrnunrcat ions on 
the network "involved' 1 ' "in the mult i- signature operations 
f rom .this point until the " end "Of : device recertif ication 
are signed using a" signature key that 'has been certified 
by the .temporary' "administrator"/ and 1 - that each recipient 
verifies the ' sender ' s" Vigkature oi* the sender. If a 



message is not properly signed, the message will be 
rejected and the protocol will" faXl to continue unless a 
conforming message ' is supplied. It is further 

contemplated that some form of threat analysis or threat 
response may be undertaken when an improperly signed or 
unsigned" message" fs ; received during the multi-step 
initialization and .signature operations . 
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' ' &TTTHOPT2TNG A.GEKTT TEMPOP RPY CERTIFICATION 
.^Figure 4 illustrates temporary' certification of 
authorizing agents': . " As^'wiil' ' *>e discussed more fully 
below, ' a„ si^in^deYiQe^fflxes ' a partial" signature only 
in „ response toj author i'zation from a quorum of authorizing 
agents!.,".. Signing '"devices operating under the 
"authorization of .the .temporary administrator also require 
'a quorum of authorizing agents . Temporary certification 
of "authorizing.', agents t assure that only designated human 
agents ..may authorize; signing';; ' devices during the 
init iation process . 

' ' " ~ The procedure' f or "tempprar certifying authorizing 
agents is similar\toJth«i procedure above for temporarily 
./certifying, signing ^eyicesj and 'proceeds as follows: 

' "i)' The' administrator ' 61/ communicates its public 
signature verification; key" 65'' to each of " the authorizing 
"agents 23.. 2"sV 27 ,; ;29 / 3 ; 'i . _; 

-'"" ; 2.) Each," autWrlzing agent generates a private 
^signature key . 'Ver'tif* feat ion request to" the administrator 
6l'. The "signature 'key ''certification request contains at 
,jeast ; . the following information:" a) authorizing agent 
"jiame "(human' s' distinguished naW) ; b) identification code 
' .for .the " agent' s^truste^ device <••'?•*' smart card serial 
number 'and model ^umb^r ) ; c) signature ' verification key 
"for.; the . human * igent ; and; d) 'signature Verification key 
for the 'agent^s "trusted" '"device (Which serves as an 
assurance that" "the "trussed device is of a known type) . 



3) The administrator signs each certification 
request using. r the administrator' s private signature key. 

4) The administrator returns th£ signed signature 
key certificates to the respective authorizing agents. 



'key share distribution i: 

Figure 5 illustrates generation and distribution of 
"operational* shares" of a system wide authority (SWA) 
.".off icial" r signature key. One signing device, here 
Signing DeviceT f (it^ "liT/ isr "designated as a "lead" 
device. Human operators provide "to this lead signing 
device at least.. the" following information: 

a) The threshold parameter "for splitting a key into 
shares, i . e . / the' total number of sKafes to be generated 
and the minimum number heedecf to affix the SWA signature. 

b) A key idehtif icat'ion niimBer and/or logical name 
to be. assigned tc > "the ^ ^public /private key £>air, e.g., key 
serial. number "KS-01234 , n ~ or" logical name'"BT01. n 

c) Key shiare identification numbers "and/or logical 
names to be assigned to "the* respective shares, e.g., 
V.SWA-SHR-56789, "" or f "BT01a. " 

d) The device certificates of authorizing agents who 

will initially be permitted to authorize that particular 

'.*5-- *i.;;.;t.ira.i:ni.;";b^ s.iT 

signature for each . device . 

• ; T '* ■ — ' -c- no.: 7smi. r^-r - ■/ — • 

The human operators may additionally provide a 

jiumber that limits the total number of fragments" that can 
reside in a single signing device, which can be used when 

,a signing device has multiple" master-keys as discussed 

,more fully. below. 

The next s£ep is togeneiriate shares" for a signature 
key, called the "system wide authority" ""(SWA) key, which 
will r be used to administer the system: "The public SWA 
public . signature key and * corresponding * private SWA key 
shares are .generated and distributed' as 'follows . 

1) Each signing device li, 13', 15, 17, 19 



transmits an encrypted string of random "seed" 
information to the lead signing device 11. 

.2). , .,.The l? a ^ device 11 combines the seed 
information and uses it to generate a public system wide 
authority . signature verification key (KS SWA +) 91, which 
ultimately will be used tq verify official signatures. 

3) The lead device 11 generates operational shares 
93, .95,.. 97, 99, 101 of a private SWA signature key. This 
may . be ..accomplished by first generating a whole 
private/public key pair using well known prior art key 
generation methods and £hen splitting the 'private 
signature r key 92 into shares using one of several well 
known private . . signature key splitting methods. The 
generation of shares carries with it a requirement that 
a. minimum number of separate shares nO be sufficient to 
.complete ,a system wide authority signature. 

A). The lead device 11 transmits the SWA public 
verification key Jl and one private signature key share 
95, 97, 99, 101. to each "other* signing device, while 
retaining^ a copy q£ the SWA public veri'f icat ion key 91 
and .one share of _ the SWA private signature key "93 for 

^itself". Each SWA ^ private^ .signature " key share is 

trjaxianidt ted with. .the. following additional 1 information: 

a) a type code identifying the key as a 
.signature key. ^ share (alsp. . indicating the length of the 
share) ; b) a unique identification code" for the 

. SWA public verification key; 

c) , a unique identification code for each 
respective SWA private signature key share ; 

d) the total number of SWA private signature 
....key shares distributed; 

, . , ^. / e ) the minimum number of SWA private signature 

key. jshar.es needed r to complete a SWA signature; 
: , . f) the identities of signing "devices receiving 

. other SWA private, .signature Jcey shares; and 
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g) certificates of authorizing "agents who will 
be permitted initially to authorize 1 use- of each SWA 
private signature key sHkre on the target signing device. 

The lead -device : 11 will* encrypt each SWA 
private signature key share* using the- certified public 
encryption key o£ the' "respective signing cievice for which 
it is intended. 

5) ' Ttie* lead 7 devici '11 ^outputs the public SWA 
verification* key for the' human operators and erases the 
following inf ormatibri r 

a) the whole" ptiVate SWA 'signature key (if at 

any tim4 during the generation' process the"' whole private 
SWA signature key was " stored)'"; ' and 

h) all shares' of the SWA private" signature key 
(except for one shWre which 1 it retains : fbr its own use) . 

6") Each recipient signing device^ installs its SWA 
private signature key share 71 in a' tamper-proof memory 
area, along with the certificates' : o ; f 4 the v initial human 
authorizers for that device. 

It "is preferred that the private SWA signature key 
.exist at most 'only in"' the lead "* signing ' device 11, and 
then only for 'tKe minimum time necessary to generate and 
distribute shares"!'^' fn * thi^'wiy/ r the ' "whole private SWA 
signature key simply ^does^ not exist for operational use, 
and is 'susceptible "to ; 'at'tack /: f or : bniy 'a ■ short period of 
time during the 'generation process. " 3 

At this stage )' 'each" signing device* 1 how additionally 
has securely received": "a) a copy of the public SWA 
signature verification ' key,- and bf' "a private SWA 
signature key share. 

For the purpose" of illustrating an "example in the 
following "discussion /"at '"'will be assumed (for the sake of 
simplicity) that r the * minimum numbef ' of "shares nO needed 
to affix the SWA ^signatuie'is two out of five shares. It 
should be understood th£t'*~a "higher numSer may be chosen, 



most probably at least three, - which will increase 
security, : but which' will also increase ' the number of 
steps in the signing process. ' - 

* ~ SIGNING DEVICE RECERT I F PCAT ION 
During' ■ previous — steps 1 ' of the initialization 
prot66ol l , a- temporary -administrator 61 ; certified device 
signature verification keys /under the -authority of the 
temporary"' administrator -61,- and the : signing device 
certificates were -sighed ; by the administrator's temporary 
signature key : : J -' During- • reee'rtif ication, each signing 
device will circulate-^ new - certificate request for its 
own public 'key ' among * the' Mother- si gni rig- -devices to be 
certified - under- tHe % system ■ wider- * authority key using 
multi-s'tep signing-. 

Figure 6 ; illusl:rat : fes' steps for 'recertifying Signing 
Device : 1 ; . : : fc - The 6ttier signing ^<devi'ces< will recertify 
themselves by repeating -the- process", for ^each device. The 
pr6'besi : f or^Signing Device 1 proceeds j as follows : 

' ■■■■■ 1)' "Signing --Device"' I - -generates an ..unsigned 
certificate 103 arid ; t-rahsmitBVthat - cert if icate to Signing 
Device 7 ^ : ;^"' ; 'Th^ cer^iMcatte : includes at least: a) the 
' ^ighirig 'devfc^ s ; I : ifdeht±ty- ..g-. serial* number and/or 
: device' • logical -name)-; ^^nd- b) a-* s. 'public signature 
veri'f icfatibrr key^br-th^^devic^' s ^signature key.: '.The key 
which is^'Vo be recertif -i T €?d is the: same public key which 
Was originally ; ^eriefated":"by: the 'device at the start of 
the protocol, and first temporarily certified by the 
" administrator This : key will now become the device's 
^permanent indicia of ^membership: in ; the; .'family of ; signing 
''devices handling the shares- of this particular SWA key. 

(The device "signing : key and its* associated manufacturer's 
* "'dett'xf icate remairi v uhchange : dv.during this process, and are 
retained' ^erroahenti : y' ^ proof-of the /device's origin and 
" underlying "characteristics ^ ) ■ " : ~ *■• 
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,2) * Signing Device 2 affixes, a partial, SWA signature 
using .. it.s SWA; signature key share 93 . The partial 
signature is formed in two. steps. First, Signing Device 
2 applies a "hash" function (such as MD5 or SHA) that 
generates a .reducef- length string that is verifiably 
related to the yn r hashed,, certificate . . This string is 
expressed ss -binary digits .which can ^..manipulated as a 
■numerical dlarge integer ); ; .. value.. $e.Qpnd, .Signing Device 
i2- forms a -partial signat : ur:e r Jay. exponentiating the hash 
:s trring w : i t:h. its- SWA signature key share . . That is , Signing 
De.vdce .2 calculates, a- -numerical value J: which becomes the 
<partialr; signature-,, according : to the. formula: 

- --:SD2. HASH ( GERT ) ) [ Tnc H * ? f 2l .- r . mociulp I? 

.(Note that in ,-JDpth. :text- ::: and,^awiiigs ,. string of bits 
that constitutes a signature ..block, is typically indicated 
by. placing, a, rJLona ? - -jd^sh in. -f^ront of the signer's 
-.identifying., labels. Resulting £lpqk is typically 

.appended^ to . t|e.> -bottom „ pf ,,-the b^ock. of .data that was 
: signed, • or is Qthe^ise^obvious^f ro^i,. the_ context . ) 

^d-iv- Signing^rDevAce .2, <: series the partially . signed 
~- certif±catevlG5; :: t : o : r Signing Device - 3^ . ♦ C;t .. 

:4lrv; " Srigni^ngoP^iV^ce- 3 ; , .-completes., the system wide 
authority sigjiatu^e 

■ partial si^nartiare . -3.SD2 . ^ , That £ is^. ^Signing Device 3 
^calculates. i a ^num^ical^YaU^; acooniing. to t the fprmula: 
V ;> --v- -SD3[ ^SDi]r l 5?^ 33 l5 • modulp ^. 

• , .^H (-HASH {QEX&V s exp, KEY. ; SHARE. 2,i e^p ; KEY SHARE 3) 

The"- partial signature af.fixed. by Signing. Device 2 may be 

- allowed to -remain-: attached, to -the., doq.^n^nt as an audit 
.^trail. Ndte.;.:that .-.only- 2 partial, signatures were 
• required an this (: simplified, example, ^ ^ rfT . 

i 5) Signing Dey ice. 3 : returns, the ..signed certificate 
to Signing cDevi.ce- 1,^ which, then^distriiputes copies of the 
tificate to,-, the- .other „. signing, devices , . thereby 
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* ... ... ~< . " . :> " f 

allowing them to verify its future signatures. 

In this .example, signing devices 2 and 3 affixed 
signatures in , that order, , Any combination of signing 
devices may sign' in ' any "order (as long as the number 
exceeds the .minimum to) , producing the same signature. 
. \ ...Recertifi-caiion' is "important, because future 
operations, .performed by r the . full' system of signing 
devices willl preferably, .be performed only in response to 
requests .'from .devices (e.g . ,'. '" of the" authorizers, as 
discussed,., below). ,phat7 have been ^certified by the SWA 
aignature.. . Signing devices "themselves may make requests 
to other signing devices'. By this procedure, the signing 
devices themseiyes become the. first devices certified by 
the- system ^wide' ^.authority (SWA) ,as "a whole, using the 
herein -defined multi-step, signature' process . 

In" an alternative embodiment^ of "the foregoing 

recer-tif.icat ion. process,, the group"; of" target devices 
, might submit their repert if ication^^ requests (unsigned 
' certificates) prior *P tli initial key generation by the 

lead ... .device , . ? .. The, lead ' 'device ' would sign " these 
".certificates at" the.: time."" it \ creates 'Vthe SWA private 

signing \ key. . prior .'to \ splitting ' i€ into fragments and 
. . erasing, ..the . whole ^key?^ There does 'not ^ seem to be any 
r^ajoxr advantage, in ^ ^dping'-tHis, as ' the mWin function of 

the resulting, gy^te^iT to/' s ^ certificates in a 

..highly, cpnt rolled yet : efficient manner. 

. AUTHORIZING AGENT T3 ECERTT ? f CA.TI ON 

..'".", "...Figures,. 7 : and a illustrate steps for certifying and 
.. .registering "authorizing agents : " Figure 7 shows an 
/overall, system architecture, while Figure 8 illustrates 
.'-.the' processing' .'sequence for a certification request. 

-Signing •• .devices' ( will -.' affix.^ the . system "wide authority 
official sisnaturj^ to 'authorizing agent certificates, 

"thus certifying a public" signature verification key for 



each authorizing agent. In the registration process, 
each signing device will also update an internally^ stored 
table of particular authorizing agents who will be 
empowered to instruct thfc signing device to apply its 
partial . signature ; During routine operation, a signing 
device will affix... its partial' signature only if the 
request is signed by a minimum,, number of temporarily 
certified "or SWA certified authorizing agents (or if a 
minimum' number ' of individually' Signed' messages are 
receives) as discus sea "more fully r be*lbw7' 1 An example of 
the process* for certifying 'Authorizing 7 - Agent 3 a (AA3a) 
and registering *AA3a with' Signing* Device'' 3 proceeds as 
follows. " * -''••' v ' : : \-'- 2 : 

For" purpose of illustration',* ifwill-be assumed that 
Signing^Devices 3 and l"'iFi*g: '7, T ~items 15" and 11) are the 

2 of' 1 5" " signing"" dlvice£* selected- to - affix -the SWA 
signature . 

lV - : Aufchoriz r ihg J jig€nt" f 3a submit s : a : - re - cert if icat ion 
re'quest for himself" tFigv 8, it fern 121-F to Signing Device 

3 through the LAN/WAN 21. (Alternately/ authorization 
and/or registration can be restricted to" direct- input to 
the. signing device* through a limited access communication 
channel, e . g". ,"' 'direct * " connection to * a stand-alone 
personal "computer) * i ~'%h4 cert if'icatioh request includes 
at least* the following inf brmatibn': ah : authorizing agent 
name ' (human ' s distinguishes rtaniel/b) identification code 
for the agent ' s" V^Ustfe^ r d%vfce" (e'.gV : , -smart card serial 
number and model number) ; c) a signature verification key 
for t:ke v hurtan^ signed by the temporary 
administrator) ; 'and d) a 'signature verification key for 
the aqent ' s trusted' device , 'which serves -as an 'assurance 
that his device is ~of a knowfi type. Such assurances are 
particularly "critical ' When ' : all : or substantially all 
operations are performed at widely separated locations, 
such that the system' operators cannot verify anything via 



visual inspection. 

2) Signing .Device.. 3 affixes a partial SWA 
signature ..(-SD3) to the. certificate 121, and transmits 
the partially t signed certificate 123 to another of the 

signing devices. .._ • . , : 

3) Signing Device 1 authorizes that the partial 
certificate can now.be sent to SDI. _ 

,,4) Signing • Device .1 ..completes the signature 
process .using, its L j5)xa;re 93 .qf_ the SWA signature key. 
.. 5) : Signing. , .device" . 1 . returns the fully- signed 

icertrif icate 125 to. Signipg Device 3. ^ 

...6J . Signing. Dey ; ice. 3 retains a copy of the signed 
certificate 1.11 , ,en.ters. ; AA3a, . f.n a log * of authorizing, 
agents 113-,^ and A returns ; . the .signed certificate 125 to the 
Authorizing Age,nt.,ga ^ , , % , -. , 
- - ..The.: process is . repeated for all authorizing agents 
101 which are to be registered with Signing Device 3, 
leaving .- each : authorizing f agent 101 " with a signed 

-.certificate and -leaving Signing Device 3 with a log 113 
of ,all certificates., Th^process is' repeated for all 

. aufehp^izin-g- -agents c o^phi^. other signing devices 11, 13, 

MULT I - STEP SIGNING 

~ At.~t;.his, stagers, igniiig.. devices have been init ialized 
,..with , shares... ( Qf.,.^ signature 4 key. '"Signing 

devices.. -- have recertified^_^themselyes;' and authorizing 
t -ag&ntsj iiave ,been. Q .bot;h . .recertified , ; and; registered with 
their 0 respective "signing devices. ' The system is now 
ready - to enter .^routine service' 'for _ both system 
jadmdni st rat .ion and .pf f ic % al, cext'i f ica\ion , functions . In 
- r tshe .^-following, .discussion multi-step, signing will be 
^described ,fpr ~,t'he ~ s .^jtem. ;f wide „ authority key, which 

• .typically will- .be., .used.. -for system "administration . As 

• will ! i: be- discussed below, additional ' "master keys" will 



also be generated and used for multi-step signing within 
the same family of devices, in the same way as for the 
system wide authority key/ except that the content of 
messages to be signed ' by' such- master' keys may not be 
administrative in nature. " 

Figures 1 9 and 10 -illustrate multi-step signing using 
the system' wide authority 7 key: Figure- 9 -illustrates the 
flow of~ a "document' ("DOC"-) 1 -'through various authorizing 
agents" and signing devices/ while "Figure- 10 illustrates 
the evolution of signatures - ; * on the document. This 
example ' assumes / that' - Authorizing* -Agents la and lb 
authorize' Signing Device' r : to*^' affix a-' partial signature, 
"and" 'that Authbti^iri^ f: ^gents : 2a and 2b- authorize Signing 
Device 2 to complete^ th^ SWA signature . *->-For simplicity, 



agents' are needed to 
•'sequence proceeds as 



we assume that any two ^authorizing 
activate each sigfiing" devici . ~ : The 

follows. * ' ,A " -U "'" w " ~ * 

i") Au^thori^ifig'A^eht la receives : a^ request for a 
signature* thrdugii ^ffre 5 "WAN/lAN . '■ .The- -request is an 
electronic message 13i' ; * having a : header 133 and the 
document: to ' be " sighed 0 13 5\ : ? • The -header ; ' will contain a 
command code that designates the message as a signing 
request. 

: 2) :: " 'A(itfti±^ la (Fig. 9, item 132) strips 

"off the header 'aEd^^ procedural checks 

to determine whet lie signed. The 

specific ~ 'procedural ""'efiscks, 'which • - may include the 
judgment of the humeri 0 operator ' AAla anc£ 'which may vary 
depending' on the underlying purpose of - the document, are 
not* germane' to the "miilti -step signature • process "itself . 
When ' satisfied that * "the 1 document : -"s-hbuld be signed, 
"Authorizing * Agent' "la"' sighs the document -tiding the agent's 
secret signatufe' lcey (which was -re-certified under the 
SWA signature) ; " As 'sfiowh in Figure -£0/ 'Authorizing Agent 
la's signature ( --AAla) 0 J £s 'determined-: '-by hashing the 
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document and exponentiating the hash using' AAla' s secret 
-signature key. AAla then affixes a new header and sends 
the signed certificate 137 to Authorizing Agent lb 
(another agent for the same signing device as Authorizing 

5 - Agent la) . 

3) Authorizing Agent, lb (Fig . 9 ," item ■ 13 8) strips 
off -the header and -performs a number of procedural checks 
.(-not, germane X>o multi-step signing) to 'determine whether 
th-e document should .£e . sigijed . When" satisfied that the 

10 • certificate should^ be signed; Authorizing Agent ' lb also 
■ I -signs . the 1 document^. * .' As : ' shown in Fig. 10, AAlb ' s 
. ..-signature . Y-,-AAlbJ . t isY^etermined by: ll hashing the 
/, .^concatenated ! : coir^naiiion . of ' the' document and AAlb's 
, , ' ■■ signature;., and .. exponentiating the hash using AAlb's 
IS ,.- ; s.i^natujre.key. ' AAla' §'. signature is left on the document 
, •- ; Im -an- audit trail. " .^lb then affixes ' a new header and 
/ sends . the^ twice^ signed document 13 9 ' to Signing Device 1 

. ... (Fig.. 9, item ID -. , ... r 

4) . Signing . Device " 1 receives '' the twice-signed 
dpcuraent 139, „st^ips,'of f 'uie header and verifies' that the 

. document beari \he ,'ne^cesiary number of signatures of its 
registered, authorizing Wents "(in tfilV. /example , two) . If 
so, ..Signing , Device ..l/ strips" bf'f u ; the' signatures of 
. .. ..." 'authorizing agent/ "an£" affixes a partial SWA signature. 

2 5 As shown in,. Figure 10, J the partial/ £p/ signature (--SD1) 

,' ■' is " determined by " hashing^ the ' base -document (without 
, -' . ^ "..authorizing Jagen^s "* slgna tare's) and; exponentiating the 
-hash . using Signature Jpevice^i' s SWA signature key share 
...... ... , 93..,.. 'signing Device ' 1 . then " affixes" a ""new header, and 

-3 0 ,-; ; sends the partially'signed document 141 to an authorizing 
, • . agent for . another, signing. " device , here Authorizing Agent 
2a of Signing Device 2 . . ; 

5). Authorizing" Agent 2~a (Fig. 9, item 143) strips 
off -the header, and perforins a" number of procedural checks 
35 * (not germane to multi-step signing) toMetermine whether 
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the document should be signed. When satisfied that the 
certificate should be signed, Authorizing Agent 2a signs 
the document. As shown ..in Fig . " 10/ AA2a' s signature 
,(--AA2a) is determined' by: 1) hashing the concatenated 
combination of the certificate and the partial. SWA 
signature (--SD1); and b) exponentiating the hash using 
AA2a's re ; certif ie<31 signature ' key. The partial SWA 
signature of SD1 is reft 6n tlie document. AA2a then 
affixes a HeVheacler and sends the r: signed "certificate 145 
to Authorizing "Agent ' J 2'b w (Fig T 9; item 14-7} :; . 

6) '"" Authorizing "Agent 2t>' (Frig.' 9, item 14 7) strips 
pf f the header and performs a humber of ^procedural checks 
(not germane to "'multi-step* ' sighing ) : to determine whether 
the document should* be : signed. * Wheh satisfied that the 
document should Ke sighed /"Authorizing* Agent 2b signs the 
document. As shown" in Fig^ 10 ;AA2b' s~ signature *("- -AA2b) 
is determined by: 1) Hashiiig ~the concatenated combination 
of the certif icate the'- partial " SWA 7 signature and AAla's 
signature; and b) exponentiating the -hash using AA2b's 
relcertif ie~d signature key: : 'The partial SWA signature 
and AAla' s signature' are left on the' ddcument . AAlb then 

^"affixes, a new header ~and "sends 'the signed- certif icate 149 
to Signing Device 51 ' 2 'I Fig : ' ^9'*; " I'te'tf 1~3') - '* .. 7 T 

7) * * Signing" Device" V 'recfexves* the signed document 
, 149 , strips off, the "header -and" 'verifies that the 
.certificate bears"' the "necessary' ' number of signatures of 

its registered authorizing* agent's 1 ("in" this 1 example, two) . 
If so, Signing Device 2 ^stirips off the signatures of its 
authorizing agents and" modif ies the* partial SWA signature 
to complete the" SWA signature. As shown in Figure 10, 
...the completed^ SWA 'signature (■- -SWA) ' " : i^ determined by 
"exponentiating the partial' signature af'flked by Signature 
Device 1 <-.-SDl) using Signature* Device 2's SWA signature 
Jcey. share 95. "Signing" "Device 2 : then affixes a new 
header, and "sends * the parti ally signed "certif icate 151 to 



AAia (the originating authorizing agent).. 

In the example described above, two signing devices 
were necessary, to affix the system wide authority 
signature, and each signing device required authorization 
from two authorizing. .agents, The total number of signing 
devices needed :to complete .a signature in the system may 
be adjusted at the time the key shares are generated, and 
threshold- numbers -of ^authorizing agents for each signing 
: device %l may .also. .vary :V . "For , example, it may require 3 
•signing^; devices of five to, complete the system wide 
authority signature, ^nd the.pumber qf authorizing agents 
-.necessary ptp authorise a signing, device may vary for each 
-signing- device,,, depending on the level of human review 
desired for, security .purposes . 

■-..After having, established a, multi-step signing 
process as dis. cursed .above, certain core administrative 
actions cap be .taken ^conditioned on the "assent" of a 
quorum of other signing devices i as authorized by the 
■presence of . the system, yide authority key. Some of these 
m administrative ..actions are discussed below. 

— To .effectuate..,, such actions and decisions, the 

firmware inside.ea.qh. tamper resistant signing device will 

be ; programmed .to r^^pond. only to commands signed: 
. . .. :j . r i. \. in . the 3 cas^ ,of partial signing requests, by a 
i proper- quorum, of ,.,|^thpri zing agents; and 

, 2.--..- in the .,cas ( e of 1 system administrative changes, 

by the systemwide, authority itself. 
... - ■ That- is •, . in .the. preferred embodiment, no changes can 
:-JtDe.- ( made ,in the list of aut^orizers or related 

requirements on ..any signing device by other than the 
. consent of a quoruw.. of authorizers on a quorum of all 
-.signing devices.. : In. some cases, it may be deemed unduly 
, burdensome to obtain the consent of the entire system for 

certain minor changes ,* such' as authority to perform 
-.encrypted backups . However, it is anticipated that such 




administrative changes will r " gene rally -be relatively few 
and infrequent, in contract to 'the volume of official 
business, and that 'the security * of the * system demands 
that "such consent should be normally -obtained in all 
cases. Note that in the example only 4 human signatures 
were required to (re) certify and" (re)'register a user. 

' * T " - ; ' " • PARALLEL 'SIGNING ' - , - 

Figure* II " illustrates' the flow of - a "document during 
a parallel embodiment of the mtilt step - signing, system. 
In this " iliustratiofi, it" - will • be assumed " that there are 
a total *of 'three signing devices '169a, : '169b, 169c in the 
system, and that" all " tEree "signing devices are required 
to complete the systetfr wide authority : (SWA) signature. 
It will be "understood that parallel signing" ..can be 
adapted to dif f e:rihg numbers of ; signing devices . 

In the" parallel '" method, a**document r coordinator 161 
("the coordinator") receiVes 'a document" t<b be signed 163. 
The cbord'inator may ' But-need not be ain' authorizing agent 
for one of the sighing devices, ; but the coordinator is 
illustrated as a separate entity for generality. 

"The document codirdinator*" "lei^ generates three copies 
(or in the alternaitiv^, three 7 ' ; 66pies : ~ of- a hash of the 
document)* 16 5a; 165'bv ' 165 c' of ■ the document to be signed 
163 . Each copy " is* J Mint ' to"' a J -f irstrauthorizirig agent 
167a, 167b, ^£hen VJ t6 a : second authorizing agent 

171a, " 171b, 171c, """" then" 1 t'o ; one " : o-F— the three signing 
devices 169a, 169b', : I69c/ and finally is returned back to 
the coordinator 161. : In a manner - discassed more fully 
below, the document'-' coordinator 'combines the. separate 
signatures of the three" signing device's'- and produces a 
system wide authority signature (- -SWA) ~ Which is affixed 
to the original' document : 163 : to produce a : signed document 
.173. " " ' ' ' ' Jz * :: " ■ v:: : - : 

Figure 12 illustrates - the processing of one of the 



copies, ? and the -combination, of three, partial signatures 
into the system wide authority signature. _It should be 
understood that- each of .the copies undergoes processing 
that -is essentially .the same,, except that differing 
authorizing agents and.; signing devices will affix 
signatures, or partial signatures,, according to their 
individual- signature- keys:. . .. - ... 

In -this example;: two- authorizing agents are required 
to- authorizev-their respective;, signing device 169a to 
affix its signatures -v -.The -coordinator 161. sends a first 
copy : l ; 65"a - of 1 the:: document -to be -signed, .along with a 
routing -and' informatlon::-heayie ; r (not. shown.) to a first 
authorizing? agent 16-7 ,r.cwho affixes Jiis -signature ( - -AAla) 
and sends the signed, copy, 175a ..to , a , second authorizing 
agent 171a. The second authorizing agent 171a. adds a 
Second auiriorizing^^ignature ; apd^sends the (twice signed) 
'document I79a ; to the-. signing; device . The signing device 

16-9a verifies theotwo authorizing signature , affixes its 
partial •signature (>---SDii) tp the; copy,, and returns the 
" sighed "copy- 181a to . 1: the fcoordinator 161. 

Two other signing.; :de ; yices : (not shown) affix partial 
-signatTures-'-to .copies • .of : .the, document ,to be sighed and 

return the- signed icopises, 18.1b,, 181c -to the coordinator. 
•All three Copies may foe processed in parallel. 

•f • "Aftfer the-:coordinatQr-has received all three copies 
; 18 la >" "IB-lb,- i<81c •: -xifc theu^pcument Jto ..be singed, the 

coordinator - -multiplies. ., -together, the , , three partial 
-signatures: (--SD1,-. ~.SD2r. - -SD3 ) . -The product of the 
•^three partial- • signatures is . .the- system wide authority 

- signature- - ( -.-SWA) .... •. -. .-: - - 

-' -The signing-". device, and- the smart,, cards of the 
-authorizing agents; will-be trusted devices f The security 
•of' : this- parallel. -multi- step , -signing method does not 
depend oh the physical ., security of . the. coordinator' s 
Workstation , 1 The. .coordinator : need, not possess any secret 
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keys for authorizing -..the signing devices (although it 
will likely have routing encryption, and signature keys 
for privacy and identification -purposes) . 

The .functions of .the coordinator may spread 
among authorizing agents. A first .authorizing agent may 
receive the original document to be signed .and designate 
another authorizing agent : (or even, another entity which 
rs "not an -a-uthorizing :age-nt<i-.-sucii as ,a server for one of 
the sighing devices})? to receive ^and combine the partial 
signatures . • It is -expected .that -,. the .normal operation of 
'the- organization r w.ill .• make : it^ : prefcerab.le to have the 
cooVdinator b<?Cfa- •• -receive-; -fcfae; ■ document^ tq be signed, and 
then" be r^sponsi'blle^-f or delivering- t : he ; signed document to 
'its 'ultimate recipient .■>; \ : ■, . ir. - • . 

■■■■» "... . . ' : . C "TOD;- :„ ; I' . - r • j-,. -. < 

1 ■ ' : AnD-IN(S-/D g'T-gfrT:Kir;,. ATJTHORIZ X^ AGENTS 

•• • -Each sighing- device:- has c ? an .associated group of 
authorizing ' agents?..-' > ^Because ..people .come and go in 
•orgariifatiori, the 'system includes, provisions to add and 
delete- authoriz^e'rs- dynamically by adding-- and deleting the 
fc public' keys ; of^-the- 1 ^au-thorizdng:- agents ' trusted devices. 
"Adding, b'r 'deleting "^an -authorising, age-nt is accomplished 
by- submitting, 1 "go * vsd^ning ..-device? a -command to add or 
'de^tre 'a- publ r i% 7 k"ey &t the ag.ent. d ..jRhe command takes the 
form 'of 3 ah' el-ScBMWfccfc message hav-Lng a code .for the 
add/delete commandi," Additional ; information (discussed 
below) arid Authorizing .^signatures .T ft :; : - 
"1 T-he authorizing- signatures* . may- ■ >be from other 
authorizing' agents ?of- J the .same signing: .device , and the 
add/delete process can be .completed- -locally by ; - a single 
' sighing device. Inv an; alternate version, the add/delete 
procedure may 'require ;*he: -signature v o£. ; the system wide 
"Authority ' keyi* thus ' requiring- quorums-, c of authorizing 
agents -on a- quorum of- related signing^eyices to approve 
and authorize the change In yet anpther alternative, 



different authorizing agents may have differing 
capabilities, and some more: powerful authorizers may be 
added or deleted under: the- system wide authority key, 
while less capable: author izers may .be ; added or deleted 
locally- under the authority of : a , local -quorum. 
Preferably, the addition ■ or deletion ...of authorizing 
agents 1 - requires the signature; of the system wide 
authority^key : ' ■ •-■ =' ■■■■■ 

:*c • -Figure 13 illustrates a^command 20'lifor deleting an 
authorizing agent:.-- .The rj additional- information with the 
command 203 includes: .a) the agent' s name 205; b) the 
stgent's title 207 c*~ the 'IrDr number; 209; of the signing 
device /from- which - thevTagent will be delated; and d) the 
identification oo"de-'^2all-.iof the: trusted device associated 
with the authorizing -eagent, tor . be ...deleted. ,-. ? After 
receiving a properly signed command , the signing device 
"deletes .•thfe^au^hbjr.iz^fig/^.eiit la-public verification key 
from its internal lists i-of ^.authorizing agents. 
• - - Figure ;^iaiu»c5pates;--a.-.. command -213 _ adding, an 
•auth'oViz-ing ^agent : -• ^Uie ^additional information includes: 
al t fie agent. 's aame-^l-^'-b) the agent's title 219; c) the 
IE> - : riiamber -"2 21 ..of Che signing devices for-,, which the agent 
• 'authorised r.iS2^ Mir, an o administrative class 225 
i^oVi eating' -powers sf oarf which the a.gentr is authorized; e) 
an''e-^-irat ; i'6n-Tdat.e 22-3" fox?, the new agent's authority ; f) 
:f ideh'bificatiK3n'::eedes-r22 3«-for the . master. -.key or keys which 
•the ^authorizing-- ag'ent: smay .. instruct- the,, [signing device to 
o&Dpiy; gp-T»tD .Godei229Iofr ; tb.ei:agent;' trusted device; and 
■ : h)' -a certificate: 2--30? -:with r i the trusted device's public 
••"'sigiiatufe* ver&£iQ«ti-an 3key.- ••:<• Preferably, the pubic key 
-of " the new agent -is certified .233 .under the authority of 
the T "SWS signature key*. and the certificate is included 
' With -the cdmmand; - The :devi.ce; certi-f ipate- 231, signed by 
:^Che' :r mahufact^rer. -of- sthe trusted ..-device • .associated with 
' the- '•author i zing agents -also includes, an . assurance that 
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the,, authorizing agent's private, signature key is 
permanently ...confined, in a smart,_ card or other trusted 
device having approved minimum security properties. 
"(Preferably/ the device' s .. minimum . security properties 
will also include the fact that -biometric information is 
used to* link ..the smart -..card to a physical, characteristic 
of the-* human user: For example the- manufacturer might 
state that the card will not cre£e : its user signatures 
unless the" user act i yat^s' an attached fingerprint reader, 
wherfe .the. -matching-^. ingerprint data is .stpred inside the 
•card" and'^ : used »'tso actiyate : it ; )■ - After receiving a 
■properly-signed /request :(i.e. , - ; after SWA multi-step 
signing- has\:been ^completed) :#j .the.-. signing device will add 
*-the new : - agent f si information to- its . internal lists of 
"authorizing agents \; i . ■« • 

' -'. '- ADD /DELiETEc CARD • MANUFACTURERS -■ AND --MODELS 
t-a -As- discrussed above, authorizing agents act through 
trust ed r devices:, :£whi.ch Cmay .. be smart- cards manufactured 
with - predetermined ^security ' properties;. As a condition 
for adding : ^an authorizing agent,.- the agent's trusted 
device —must -:be.*:7:6f -an approved ^ model . During the 
initiation: of'.x the; syst£m,;; vnjodej ■ ■; numbers, of trusted 
devices- -that-- wbuldv be;- ^acceptable;- .f or :use : in the system 
were -i-npu t ~ s O^exc. t i me:, new mode l-s w ill> become a v^ i 1 ab 1 e , 

\ahd 'Security - procedure 5 brnay -be t ightezjed-- 3uch that older 

-models may' no longer .be .acceptable . ^AlJL signing devices 
maintain an internal, table -.of accepted -models. 

- ^ - ^ New manufacturers, may -be . added - by; -circulating an 
electronic- request .among all -the. signing;.- devices to add 

: a : hew manufacturer-.;, r. .Figure, 15 : illustrates a sample 
requests The request- includes -a command 243 along with 
the ; manufacturer's na~me 24 5, - .the model -name or code 24 7, 
and-" - a 'publics signature - y^rif icatipn , - key 249, bound 
together -in a- -'message* 24-1 signed- by,. .the system wide 



'authority key. 

Old manufacturers may be deleted by circulating an 
electronic request, signed' by the SWA key, to remove the 
manufacturer's public' verification key f rom ; the tables of 
the signing devices. Figure 16 "illustrates a; sample 
request 251 which includes a command :253 and the 
manufacturer' s name 255. These add/delete requests, once 
signed' by "' a ; quorum [ '6£ r ~ devices /. "aife -then> sent to all 
device's/ which then'- verify" them using' K'^ and act upon 

' c ' 'New mo'dels for -an already- approved manufacturer may 
'be added by submitting 1 an electronic request , signed by 
"trie SWA' key , " to' add'^ a c -new- model . ' ' ^Figure '-17 illustrates 
"a sample request ''2fc'i .* ''the '-request will, include a command 
"263 ; tW ~manu'f acturer^s- name 265; the: model number 267 
and V certiorate 26"f, : "signed^ by' the /.manufacturer , that 
the r " : part'i-cular " ; model f ' -meets" certain tsecurity standards 
" (e!g'l ; 'a : certificate fcftat a- model ^satisfies FIPS level 3 

'requirements) . *" _ - L ' • - - - ■ 

;r -Old models -" may-- 5 - be " deleted* : iby ! - -.submitting an 

e'iectro'ni^ request, signed "by the-SWA key, to remove the 
' model" from the' ta f bl r fes cif"" the signing devices . Figure 18 

ilfust'ra'tes ' a" sample request:- > 271:, : -.which includes: a 
* commahcf 273 : ; r ' : t*Ke > fitenuf- ao'ttfrer <s -name 275; and the model 
•n^er 5 i77: — '--'±-'~s.bl *d.~ . / ;-v. 

" A^ijiNG'/DELETING $1 QtflNG' DEVICES - - • ■■■■ ■■ 
' ;; • -Ovef time, it" will ibe -desirable -to add or delete 
signing "devices' ' from ; the systems ■ Each", signing device 
-"' corTtaUnS'-a table of- other -signing -device's, in the. system 
:: £hat~'hbl : d -shares ;- of "the SWA- -key- (or :.. shares of another 
" mas' 'tef key for mu£ti-%tep- signing :as discussed more fully 
below)' .' The identity of each signing device is defined 
by: 1) the device identification number, (e.g., serial 
'nur^e-ff; 2) the device ■ public -verification key (installed 



by a manufacturer and certified under the manufacturer's 
signature, ,or a similar key recertified by the SWA 
signature) ;:,3) the device pjubliq encryption key (used to 
send_- encrypted messages tq the_ device) ; and 4) any 
subsequent certified public keys uniquely in its 
.possession. . . .~ V/ - - . . 

New signing, -devices are .added, to the system by 
circulating, an... unsigned certificate . among other devices 
to.- receive the ;SWA : signature- a^id then circulating the 
signed certificate. The certificate contains the 

identifying infprmatipn as, discussed .above . After the 
cerfcif icate, ~ha% . ^-b.een. ;i jSigned ■ by. the JSWA key, the 
certificate is -sent^-to^ , a-10.,- other^. signing devices with an 
instr,uction^:tq- add ; the -new device to , the other signing 
device's internal tablejs^. ,Figure r l 9 illustrates a^ sample 
instruction-! 2*&l t#: .» which, - includes., a. ... cpmmand 2 83 and a 
certificate;- 282 ^.^^hev^Qertifacat.^ ..includes : the new 
■signing;, deyd:ce- ID code 285.; . a, signature ^verification key 
certificate 286 of the signing .device _ (signed by the 
manuf actrurejr) and ; i an, .encryption key .certificate 28 9 of 
the. , signing : device; (also ; sigi^d . by^ the device 
-manuf-actujrerilr. s - l7 The ^.signature,., verification key and 
encryption^- key- /:Cold also^be^ in... ^ single certificate. 
Other information -must r be QircuLa-ted.^mpng. other signing 
devices, such as the identities of .key ^shares 291. used by 
the new signing device and shares of decryption keys 292 
escrowed with: the ;^ew : <deyice.. Once, a.. signing device is 
-addeA to the. group,; rit- can: .1) .participate in protocols 
to .generate, a new master key. ..and .receive, a share of it; 
2)*:. 'serve as a backup unit t.o receive, the contents of a 
signing SD-;,. pr;3.). ^erve- as a repl,aceinent^unit to receive 
the : restored ■ content s._of • a revi ; s\on e . backed up signing 
device that has either .been destroyed, or removed from 

service. ... f r ; - . f 

Fi*gure : ' 20 rillustrat^s ,a. ; message 2,93' for removing a 



si'gning device..: The. message/ 293 includes a command 295 
and the device. .ID code 29 ; 7 . ,- . - ; . . 

-■- * r - * 

COPY KEY • SHARES 
The -risk. :(:cansequences) .of .^thef t or-; destruction of 
signing devices has been .reduced by virtue of the 
multi-step --signing process .and. the. fact that no single 
signing device is capable of forging a signature or 
divulging: information .sufficient £o forge a signature. 
The- information /content: of assigning device, including 
the ^- SWA •-•'key . shaare,^ can -therefore be- transferred to 
another.. " device , . e.. g .:-, when : -upgrading- s_igning device 
hardyare' or'rf or back-up purpos.es-. ;• 

v . ... Copying: -.of* key :■ shares- . and other information is 
accompli s.hedrby' submifcting a- request:,, signed by v the SWA 
Ikey,' to copy.-: :al-l:. jor ^ js.ome-: of : the : information in a 
particular signing device to a second device. Figure 21a 
il.lu:s.t.mt;e^lL sample. segugst to a sending device to copy 
it S' -key, -share ( s : ) . -:=The ; r r,eques.t. 3 01 preferably includes : 
a- command 3Q3 ^ -signed,. .-by the SWA, key,., identifying the 
secdhd device* by* manufacturer^ 3 05 (which : .must already be 
included --in 2 the —signing - .devices^ list of approved 

• manufacturer;) 1 model. vnu;mber ; ; 3 07... ..(which must already be 
an the approved;* li.s£?. ofc. models.) , and serial number 3 09; 
ia 1 ••certificate! -3-1 1>; wifeh ? a : . ..public encryption ? key for 

receiving device; ID codes 3.1j3 : a p£ the ..key shares (or 
^ot'he-r-'desigrTation-co:f~ information). ..to be copied; and the 
•Sending, -.rdevicev. lD-_-S3*5.ir-:: ;-When~ the signed request is 
-received, by: the.. proper' sending, device, the. sending device 
encr-yprs ' the- -:■ identified.. . key share ,(s) and .related 
information using. - :fche. e . public encryption key of the 
■receiving device, .jmd ;.dthen the sending device outputs the 
encrypted information- a,s an, "add key (s) "..message to the 
-'■receiving deviJce,id v&i&]ge ; -&lX1>h -.illustrates a sample 

• message from' a sending device , to a- receiving device. The 



request 314- preferably includes:, a .command 316 , signed 
by the sending device (--SD) ; the ^receiving device ID 
317; the sending device ID 318; th e ID codes of the 
encrypted key shares 1 319; and the ID code of the key 
share owner- -320 .- The? receive, share command could also 
specify quorum -'(or other authorization details) for use 
on the receiving device, but preferably, the received key 
will*- be -used in ^ accord with ■ idefeault;, .quorum of the 
receiving -device " - As- a typicai operative -procedure , all 
systems operators and authorities* .would-be- informed that 
a copy' has -been '-made, ,Jr along with .;the ^identity of the 
device 6-r storage medium holding; the * copy \, 

Alternately^ ; the .ivi-nf ormation^ may <. be copied to a. 
"sto'Srage device * which *;is kept '-physically secure (e.g. , 
stbred in ^vaul&) arid: :;.offline :•; (not; ysubject to - remote 
■attack) in* encrypted^~f orm if or ; : use as backup. 

' ^CHANGE tr QUORUM ■REQUIREMENTS 
: ■ ■ - * The ' 'quorum. * -o'f -^signing ; device s ; neejded to af f ix t he 
-SWA • kfey is : a^syst^ttv^design ^parameter used by the lead 
-device * when generating ~ "key . shares": -fPhi-St quorum can be 
changed - : by : 4*e- combining s-tihe .key .shares to recover the 
: Whoie'''signature-'k3y r C-s£ndn then'.: splitting jfehe key into an 
'increased humbbr r o^ shaires^whichrare*itheni^ re-distributed 
; as with v - the "or'igi^l^ key ; - shares:,;: butrjwith a new quorum 
requirement-. 1 r.Doj CZ' iv;.:> - 

"■ The 'quorum -of ^iut-horrzing ^agents :.ne:ed^ to authorize 
: a "'particular : signing -device to ;aff ix.-;a~ pa : rtial signature 
can b*e changed without* >reinitializinge:the system. Such 
a ; ''change preferably "is accomplished by submitting a 
L request to the respe'ctiye signing cdeyi.ce signed by the 
SWX key*. -'Alternately;" Author izing; agent^-:of a particular 
signing 4 device- may change , the' locaK.quQ?!um by submitting 
a request 1 signed only byr local authc^izing agents. The 
number : : of ; signature's ' "needed^ to ..change; -.the quorum may be 



the same as ^or different ; from the -number needed to 
authorizing the • signing device to .. af-f ix the SWA 
* : signature;- Not : e that if SWA key- shares are stored within 
'signing devices" in -encrypted form and if authorizers hold 
5- decryption key - shares * as discussed below, the quorum 

• r 'needed for authorizing a : - signature should? not be reduced 
^ : *to less than the number-of -shalres needed'- to decrypt the 
'SWA kfey : -share. In norrffal banking "^practice , the N of 
- " : ^ authbrftiei ^must nb't- &e^le~ss -thaii 2 per < signing device, 
10 although^ some r ''authorize-r^ ■ ^nay have rights on multiple 

- ; " 'signirig "devices . : " : . ± . 

~ : ' - EKCRYPT'ING^ STORED KEY SHARE Ss 

r ' -*f n r.^his vafi'ati^ri^^shdwn in Figure 22, each SWA key 
15 share 323 stored within a signing* device -321 is stored in 

~ -em 1 ' encryp'tr'ied c f orT^£ : 23^'The decryption key ("KEY") is 
i : — ~ S pl : it ^ into* 'shares; afi& e^eh authorizing - agent ' s trusted 
-* " r : devic^ r -32%, "327, 329 : £ Stores a: share yof . the decryption 
' ■ it ^ey . s - As 1 r di scus-sed- 'a&ovfe-; each request. ' for the s igning 

2 0 : " ' 'device-- to -affix" *a pdr^ial signature .must3.be accompanied 

: 'by ^signatures 1 of a>qS6#um bf> author izihg^ agent s . Under 

this variation/' *th%' & auChbri^ing: 'agents : additionally send 

* 4 a : ihare a -of * thd± decryption i key 331, 333, 335 to the 

r: ° j sigriifig devide v -22-lfc"^I&^£i?grLt ! ng s . device then : 
25 ' • ' 1 1) combines' -the &efcryption ;key shares-337 taxecover 

* : " "~ 'the 'decryption key *'2'4 7 ; r; k -j 

; 2 s -) decrypts -339 its share 'of. xhe :SWA key; 
£> ^ ; uses the-plaiiltext SWA share. 341 to affix a 
partial signature 343 to a 
"'30 F r - ' " : ;; ~ r document^ 345; ''"- r >* 
~ - - :f: - : ~ 4')« erases tHe-< decryption 'key 347- - 

:w :v, '*" ; ' 5)* : erases' the 'share's: 33-1 , -333,. 335 'Of -the decryption 

' key /'"and : - .'.i- -> r .\ . ;; : T j \ .; ; t . • 

6) erases--342 the 1 plaintext SWA.key _ share 341. 

3 5 >: : - When - sending -a ^document to - a ;signing device for 



signature, an authorizing agent includes, that agent's 
share of the. decryption key and- signs, the message. In 
normal operation/- the decryption key shares are protected 
due to the fact that all r; communications on the network 
are encrypted : using the - public encryption key of the 
recipient (i.e> , of another - .authorizing agent when a 
document iis b.eing^circulated^f or, ^agents .signatures, or of 
a .signing: • device, - when a submitted ;; for signing) . 
Alternately,: each authorizing . agent may -develop a session 
key; for -each -.message .in order., to ; protect; the decryption 
key shares. (That is, each time a key- containing message 
passes from an authorizing agent to another authorizing 
agent , or :to ^a/Tsinging ^device , a new session encryption 
key is used. ); ;The.enti^ encrypted under 

;the session -key..;? % - • - — r i: ^ -•. -■. - . . 

In this way^rthe plaintext SWA k^y, share exists only 
^transiently- during? the. time,, t-hat : .it - is ..being used, to 
affix a- partial signature.. - Furthermore ;the decryption 
-key,, and- a compiete/rasseTi^.ly of shares of the decryption 
key - exist only- t^ans.ientJLy. B > m If a, .-signing device is 
1 stolen, thieves, would- at: best. t be . able t , to recover the 
-encrypted,, form: . 

The ", process - erf 9*:YL: 9A ner ^% in 9r ;.-f? n 4.- distributing 
.-encrypted key.. shares;-Tand rshares- of decryption keys would 
proceed as.^f ollo>vs.~:a^d ^il?lus,t-rated in Fig. 23. -„ ; ^ 

1) The lead - 7 device ^generates f . ; ; a public SWA 
^verification key 3 51 cand : &hares 353, 355, 3 57 of a 

private i SWA signature^ key; - as discussed above for the 
basic variation. >\ 

2) The lead -device generates a -separate 
public'/private ; encryption^ key .pair 359, 361 for each 
private share of * the;, SWA signature key (one SWA share 357 
is illustrated, and it should be understood that other 

1 shares- are processed? similarly).-. 

--3) For each private encryption : .key, the lead device 



splits'* the private decryption key into ..shares 363a 

3 63m using an L of M split .where. M' is the total number of 
shares and L is the minimum number of shares needed to 
reconstruct the private decryption key. ,,M may be chosen 
to equal , the total number of authorizers on a signing 
device ; 'while L equals the quorum of .authorizing agents 
needed to 1 authorize a signature on the respective SWA key 
share . - • - ... . 

S "- •'- 4) The Dread ' device' encrypts.- each share of the SWA 
signature -"key c 357 tunder the associated public encryption 
key L 359, and sends ah- encrypted _ share 365 of the SWA 
-signature key to -a respective signing-device along with 
: M share's ' ; bf the Respective private . decryption key - 

5) The private decryption key shares for the SWA key 
' shares '•"•may alsb^' be- escrowed: (distributed for safe 
'\^p&§)'**vi6hg'' J ti»*' e-eher* signing devices such that any 
* private^ decryption key -cam be recovered, from the signing 
devices" 5 Hilt. :^ho----'c»elc-signing; device, . contains enough 
'information' -to Recover pany. : deqrypfeion.. L key for another 
"deviTce . Such general Shares f-or. any. given signing device 
wouir- be • released- and Hapon consent,, . of a quorum of 
; authorities "on'severail c^her ^SDs;. • , . 

3.-1 -gf - The ^eW 'devicet: . erases . the private decryption 
• keys , •" • tne ''pHftWS* decryption; -fcey shares, and the whole 
pViWe ^SWA signaW^ key - (if :. . it :: still exists) from 



memory. 



- - When- ; each %igningn.device registers its respective 
" iutnoHzing' agent s V ffc* ..signing . device addit ionally sends 
'each au£&rizing"ageht- a decryption key share, identified 
:: -by: l) ah ''identification, number for the decryption key 
"share i ' and : - 2 ) -the : - identification ..number for the 
associated SWA key share. 

c -- '-For examples if there .were five SWA signature key 
'•shares'/ (with -three' .'.needed, for , a .signature) and each SWA 
'key "'share we're-^- encrypted; under, .a separate public 
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encrypt ion= key, and each SWA key share, required three of 
five authorizing agents, .then t each decryption key could 
be divided into, five shares with any three capable of 
recovering, .the:- decryption key. There would be twenty 
five decryption key. shares, ..with each signing device 
having distributed five- to _it;.s .. authprizing agents (for 
its- own -.key) :and holding one ; share of each of the 
decryption keys for the other four devices. 

In thisfway; the t guorum. ; pf authorizing agents needed 
to'l authorize:, a ■. signing ~. device,, . t:o , affix a partial 
^sigriacure- wil:l ■ : alsp 3 have a suf.f ic'ie~nt number of 
'decrypt loh- key, shares to . allow Jt;he signing device to 
decrypt " the SWA* key ; s : hare .transiently., for each signing 

" operation?. ■ : .... ~ ■ • ., . k -- 

■ ' if- one or more of . the authorizing^ agents lose their 

keys (e.g. , . loose .their .trusted device .smart cards) , then 
•new smart::- cardSf ;.wou^d,- be registered . on, £he same signing 
'device-'.**- The 'decryption ..key . s.hare^cpuid be recovered 

from^other signing -devices and could .fee ^reinstated to the 

newly-registered :smar.fe -cards .by .submitting an electronic 
J mes'sage7 signed ifo.y^. "the, r . SWA signature key, for the 

signature -devices;. tQ-r transfer.. shares, of the decryption 

• key €6-- the--rnewly ^registeiied de-vices. As an alternate 
method, '•subject:- to. ,She consent { of ; f t he .SWA, a given device 

' could -Veceive al:l deac-r^tipn shares., "decrypt ips signing 
share, generate a new encryption key. pair, reencrypt the 
signing share - under rr^he -public .. key, divide the new 
private decryption; -key- : into . new . shares and redistribute 

• these shares - to . the-, .-trusted . devices _ _ of the relevant 
authorities., taking care; to encrypt them . .under the public 
encryption- keys .of those receiving authorities'' trusted 

devices. •:•.:«.•; o . • - > ~ . 

As an alternate: back 7 up . methpd, up the decryption 

• key shares -can -be escrowed. off- line. .with an independent 
- trust- institution, as., described, iq , copending U.S. Patent 



Application Nos . 08/181 , 859 and '08/277, 438": 

' - CRYPTOGRAPH I C HEARTBEAT 

' : As a further' protective measure, each signing device 
receives a :, pe r f iodic data input {"heartbeat") which, if 
interrupted, causes trhe -signing - 'device to become 
'deactivated . : The' : heartb'eat" would be • 'generated from a 
•location separate 4 frofn 'sighing device so that, if thieves 
attempt 'to steal- a- signing -device/' - they must also 
p^netrate'i *sepafate* : ro6m 'or vault to get the heartbeat 
source; : If they fall ^ty' acquire'the- heartbeat source, 
the -sighing device Becomes inactive and is 1 -* useless. 

/ za in one i: implementation, ; each -signing device provides 
-an encrypt i orf -"k'eV -to -a? h^artbfeat" source. -The heartbeat 
^kSurce ^periddicaliy n Sends- encrypted* messages to the 
signing device. If the signing" device A fails to receive 
■a a miifimti"m -H^^ a period of time from 

:r the "heartbeat sourceptKert the signing" device erases its 
"internal memory or s *t2a)t«Js Mother - evasive 'action. The 
messages may j be £mpty- mes T &ages or ^simple Messages , - which 
: must 'Be-- encrypted -by tH^-' hekrtBteat : ' : source using the 
public 7 ' even key' given- to i-t^ by^ the SD. r Alternately, the 
■messages- coiild- be 1 a^ps^udfe r r anddm ~ string ' generated in the 
heartbeat r sour^ : ^fcy a b pseudo random - number generator 
(RNG) and-vferifi'ed^l6y^a syricHroniz^d -(RUG-) 1 in the signing 
device: ,L 

Mult ip'lW "heartbeat ^sourcds could-be- 1 Established so 
that a signing device must receive messages from at least 
^oiik-Ahri'^ niinimunw^umb^r Trover- -a period of time. If one 
'heartbeat' r soiirce 5 goes- 1 of f line due to -equipment failure or 
:: power outage, it wiir: :r riot' ;L trigger 1 premature erasure of 

* signing device : ; memo^ries v - - ^ -Keys used- ^in heartbeat 

• communications may ;v £)e^backed"up in -shares to multiple 
iocatrions . " j1 -- 7 . . - ..i ^- 

r In -a second*' impi emeriti ti<5ri, each- sighing device may 



send a query to a group of : associated ("satellite") 
devices on the network, and continue operation only if at 
least a quorum of associated devices responds. Requiring 
a quorum allgws operations to continue during inevitable 
outages and repairs to communications . 

^ . Use of satellite devices, while more complex, adds 
physical, security., and, can be us.ed fr at ^locations having 
less, . s.ecure environments rather, then, upgrading these 
facilities with vaults;, guards, cameras, .etc. 
. ^ The, communication link between a . signing device and 
its ^heartbeat .source or^satellite device. may be a public 
network v , . If^ a signing device is reported stolen, its 
associated ^ satellite^ units 7< can, ,be deactivated by the 
system operator^ to c . ..prevent . : -thieves .-from tapping 
cpmmun i ca t i on , 1 ine s^ and, re- routing the. -heartbeat s_- to the 
•stolen d<e vi ce . ^ c r r ■ * v - . r- . , T - . , .-. - 

::: For example , :; ^t ; l^ the United 

- ; States.. ; and a its t assgciat:ed... satellite ^device in Europe. 
.Wh^n .^he signing ^vice is stolen, the European satellite 
^device i.s ^taken, p^f >r line : by ..its operators,. Liability of 
-the, Euyopearu agent for .any t erroneous ^action would be 
..minimal:, t -because: rthe rf ^ removal .o.f- , v the : (satellite only 
^.interf eres • with-vnew. _ signing operations -f or^ a short time . 
Previously, ..signed B .signature's - remain,.. , in force. 
.Alternately . c secure -physi^a-l 7 wiring , can be provided 
between a signing device and its satellite r pr heart-beat 
r source -in lieu.of -,a public . network.. ;j 

r . ■■= GENERATING- ADDITIONAL MASTER KEYS 
■ _. - r r< Haying established. -a.. secure >c ^multi,-step -signing 
system with a SWA : -key.; it is a simple matter to generate 
a number of additional ^.master" keys .to. be used for other 
purposes;. While .the . SWA .signature key -.controls system 
administration, master keys can b,e. 0 used r . to sign other 
-certif ied, messag<es or,, documents by use on behalf of other 



'legal entities. ; The generation and administration of 
other, master keys is similar to the SWA key but without 
"intermediate temporary certification steps. The method 
prbceeds. as f oLlo.ws : _ 

•v. 1) Designate one. signing device as f vlead M -{it need 
not^be : the same -"lead" .ph$t generated the SWA signature 
key. 

2h: Input. a list public key-^cert if icates of signing 
devices to receiver shares : of thermaster key. 
* = - ; - 3 ) - Input. . an . identification, code for the master key 

-and "a logical' name . . : . : ; ♦ . - 

4 ) Establ ish secure- , communication : .channels among 
signing* :. devices; (preferably -using the encryption key 
certificates of each related signing , device) . 

„.v..^ /5): . . Optionally :>pbtain , random material from each 

-signing device.; 1 : - . , f 

6) Generate a new "master" public private key pair. 

i.l '.i^ :! 7) L /. distributee ^private --keys shares (optionally 
encrypting * - each share- and distributing' shares of 

•■'•'decryption key) LJ : •„ ■' , - : ; _* ■ ; - ; : 

... ! :-8i : Erase- *the- ^hole master private..., key ( if it was 
stored) , and. e.ra^e^all. shares - not .retained by the lead 
signing: tide viic^ ^.v.c.: 2 V - v - ....... ~. ... _ s .. : t 

. Thiss-pxoq^,ss3 jalso r be : used ^o replace the SWA 
signature /;:<by/^addit 7 ippally^ sending each, signing device a 
Command, ,s.'igriB.d -bit; th^K^ld^^SWA -signature key to install 
the new master key as the SWA signature key. Generally, 

^t-he" master key ; .will- ;have : : ( separate., uses from the SWA key 
and- the: share;s - pf.. -many, master- keys . may, . coexist in the 
-signing devices, .h previously.* .generated master key 

■"Mother : than a^SWA signature.- key) c,an be. deleted from the 
system- :by submit t^ing-._a ^message, - signed by the SWA 
signature -key, .to;-. delete the master : key fragments. 
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- ■ DOCUMENT AND SIGNATURE '-TRACKING 

* It is desirable to assign a : .unique identification 
code- to -each -document -to be signed in -.order to assist in 
managing the flow of documents thr.ough-fehe system. The 
following' ihfbrmat i'on^ may ' be included in the headers of 
each document for -use by -message servers: and authorizers: 

• - hrp The. signature kfey identification code of the key 
to be used t : o sigh -the -document . : . ?«•*.■ 

' 2) The" total number- of partial signatures needed to 
complete the signature and/or. the number of partial 
signatures' -already -'applied .* i" - - 

- r r 3) ^The*- key -'f ra#rner$t identification qodes that have 
already- -be feri -used to- sdgtfi^ - ■ v.* ^ ;r: j - ^ 

: * 4) The identities : of • the. signing devices that 'have 
already signed (e.g., the logical; device, names) . 

: ~ INTERLOCKING RINGS :: OF SIGNING DEVICES 

'-' - ■ f A : foot <ZA> using-- a - multi-ste^r -signing system as 

described above, will generally cert if y~->. subordinate CAs 

located -in dther Business- 'and government organizations. 
^ypothfeticallyV*'^ Target moneyr center bank might certify 

a major agency of a state government n /The state agency, 
-fn "turn/' might ^erti^fy 7 a^'corpora^ion . This distributes 

the certification 1 w ^y which can 

conform "to "-exacting- - poii't^ical^ .?e.conomic and social 

brganizatibhs*:' ■ -'-^ ss s-:? \- --; ■< 

- } - However , 'each r -mid--tder- CAr - must.:.: .'maintain strong 
■ security over its signature^ key . s Rew- such organizations, 
• : : bt tfer* "than* • banks ; some * A-arge \ corporations , r and some 
"government *. agencies;,- ' have:, traditionally maintained 
-friuitaple 3 - highly secure?: data processing., facilities and 
'••storage vaults.- -For -example ,- >a -midrt-.i.er CA may possess 

at least one nominally secure physical location, such as 
a data center or vault operation, but lack the funds to 
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serve multiple sites for the multi-device schemes 
described above. In the alternative, the mid-tier CA may 
have no truly .secure location. 

■Less secure mid-tier CA' s .(such as a corporate CA) 
may' "nevertheless, set up their own signature -rings (as 
described above) and interlock these mid-tier rings with 
the more J highly secure ring of ,a parental CA (such as a 
bank :r or secure . government , agency) . . Tip.s can be done 
while : separati-ng -the issues of : : CD key ownership and 
official control, v . f^. :•. administratis and backup 
Yespo^s'ibiri-ty., -,-and > r A3 ) t r physical. . . possession of the 
devices . 

iLAB .Ahterro.cMng,:;ri^g architecture can be created as 
;shbwri--in Fig~- 2.4s by haying a, mid-tier CA 371 maintaining 
one ''dr. more- mid= tier s;i-gn?.ng _ devices ,37,3 , 375, 37? in its 
• own--" secure locationsv ^ ^., Additional mid- tier signing 
--devices 37 9-,: L 3 fee „ ; maintained.,, . at the secure 
locati6ns:>of, a parent: CA^ 3--, an<d may :,ev^n include some or 
all^of the same-d§Yie;es. B .3 7 9_ < 38,1 that, make up the parent 
^root ) Oterxiing 3 92 (he^^.-'in^rac^Hin^ rings.-;) . The 
parent ; :-CA could maintain r: several signing devices 385, 
%3 87-, . : 3.B3- that? :arg.- independent , froro^thQse of any given 
. mid- tier, -iCA, L3^.3 iC a _Th.e. 0 sigrL;iJig -devices, .described above 
rrequire- ■■■ma- add*tionaj£ n modj.f i cation .to .hold additional 
master -keys, • each?-, .under ^ /different ownership and control 
by respective authority agents ...?2la, 391b, with 
■ supp-lementai : master rfeey^.^QWped indifferent ways. 

.. . ;• ; The .' mid- 1 ierj: .CAr ,init i^at es, - the. . key generat ion and 
>>share- distribution protocol, outlined .Above using one of 
~- its.'-^own •i5signiog-,-4^v«i j ces. as, a. . /'lead" device, and 
^authorizes- ^fca^wn . c-f facers- as, author izing agents 391b. 
Some" -shares', of the dnew.CA master .key, would reside on its 
own signing device^- 373 , . 3,75^ : 3.T7 , while others would 
reside on signing cde^ices ii of,,,i.^ ,i>a^nt. CA 379, 381. The 
authority tb' issue - signatures. :> can remain vested solely in 
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the officers of the key owner, although they could also 
delegate' some of this authority to -some officers of the 
parent CA institution , in case of emergency . 

Thereafter, the - ■ mid-tier.; . CA would initiate 
multi-step 'signing of .- the. CA.' s -.-signatures based on 
signatures generated:, by* smart z cards -possessed by their 
officers*, and route ^hose requests-: to their own signing 
devices and/or to "devices; in ;.the ^possession of the parent 
CA ; . Indeed/ sighing device's' .need - not ^be. located with the 
pkrerit v ' : CA, :j tmt" could be .sited , at any ^e.ther. CA also having 
a" secure ^lo'dat ion and communicat ifin; - access . 

' - '--^ » FUBLY ~ LEAS ED S ERV-I CES 
* Ah : organization'' that-" does mpt v ., possess even • one 
secure -facility mights st'ill^wish:to generate certificates 
'and cah " still ^become- r ^a : '^CA;^ : The:, organisation can lease 
use' l 6f signing devices- £ located --in: secure locations 
"already * est abl-i'shed^ by -"various banks, or other CAs . The 
brganizatidn tike s^ 1 ? pos se ss i on of smarts cards for its 
ciWtibrrzirig - ag&htts-T and routed signing requests to 
' s igning -devices i: tErc5ugh !k' communication; network. The 
"processed of - gene ±^ ng - -key sV- issuing.^ signatures, and 
~petf orfhing ^t^hex" administrative- tasks; can-therefore occur 
' within v devi ce c under 'o Locals bank- ..physical control in 
SfccVfd with' " coht:£a£tAaai-> ^ t rust ^^arrangements with the 
owner. * 'i~z~zadvu$ :-v; _ \ : t 

' z 1 ' r The 'organ : izati r oh'- r s*-'Of f ieers, wpjild;. ,go to the local 

secire * : (banking ^-fac-i-lity: to* witness the key generation 
'p'rdtocol by c which* -their : newr. signature;. Jcey is created, 
'divided;* arid di ? st^ribut^d^ to each ; of ~ a- number • of host 

facilities ■ r: (pbssibly- other banks or [other locations of 
'*th : e same -bank) -that-- thesy have • selected. At that time 

they could ilso' assign - the appropriate administrative 
" Backup powers 1 : as : heeded 1". • \z -3. 

r v The" organization^ r-couid * then; :. = issue r official 



signatures .. and certifications, -without the need of 
establishing their own.- secure -data- center or vault 
facilities, while still achieving, substantially all the 
security benefits of the system as described. 

■ - v 1 ■ : . :■: SIGNATURE DELEGATION 

When.': an authorizing - agent becomes temporarily 
unavailable (due to being on vacation, .incapacitated, 
;etc ;)■-, -some, form *<©f -delegation of signatory authority is 
-desirables: It*^is -undesirable, for • rhuman operator to 
loan* hi s;/'her; smart card- rand an ^associated... pin number or 
^lCey---to^ another, because/ that, ^creates an un-managed 
• sectiTity ?risk:. ::: : :?£C~ ->& r .r: ' : - - 
. : '.r::; One- .'alternate : ;dglegatron mechanism is for an 
original authorizing^ to issue a 

.specialized : .^delegation-" : {certificate: to. >a substitute 
aixthbr^izingi agent: Xi'Vdelega^e^) Th'e certificate, signed 
by the ^primary .user, .,would : iidentif y;,the; delegate and the 
^delegate? sr~ public signature Verification key. The 
-d*eH"fe"gat ion r cert rf icate~n would; also contain, a time-: limit 
during -.which Lt he r.delegation .-certificate;/; (and hence the 
delegate ' s r . vautho^it^fe c : W£>ul4 J be r valid , 2 Y (See Sudia & 
Ankney, "Commercialization of >Digita£ . Signatures, " 1993 . ) 
•A .delegate;* .-fusing: hiWi^^r persegri.al-, smart card, would sign 
ra* document-: usings-.the^ cfejLeg&te * s. ; personal v signature key 
^arvd* ™would'\attach5th)&^^;legatiQn .^ce-rtlf icafce . Resulting 
■I'docUments^ v would nrrbe^ signed -by/? the, : delegate , not the 
/.primary ^s.eT, ?;and : :a- document recipient, .-must undertake 
additional .steps :to/ verd.fy~ the: delegate's signature and 
% .the delegate- c.ertdrf:ic r a?te.. ;This ■• relies , ;) r in part , -. on an 
: ability for- all-, putoliqj; lasers- of -a system, to have such 
f;verif ication rcapabiCLifey #nd, : to- hayj^ good* access to a 
soared of .-: revocation ...inf orination ^ (or ^!,hqt list") , in 
4 case :-:th-e ' authority fmust .-. be.^^cell^drbef ore it expires . 
*"-^^A preferred- approach = i@ toh.allow a delegate to use 
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the primary user's smart card in. a secure; way that, in 
effect, substitutes the human delegate, for the human 
primary user vis-a-vis the primary. user's smart card. 
.Then/- the • delegate would ;use the ^primary -■ user's smart 
card to affix the primary user's signature, and the 
universe ;.;ofv document' recipients is spared the additional 
burden • of ~- verifying : , and \ evaluating another complex 
certificate. ^ -. :* : * * :* : . - z :: 

\ r 1 - When : it"he* ^primary .user wishes . to .delegate signatory 
'authority.; the . .primary :.user issues y a- v substitution" 
certificate :4 09,t.to •• the delegate as illustrated in Fig. 
25 . .^The ^substitution', certificate identifies the primary 
user ID 411, the delegate ID 413 , \a means-, for the primary 
smart card to recognize-: the?,delegate (most likely the 
delegate's publiC-'-veriflcatdori; key 417).:,. .and a time; limit 
4 rs during. . which the/ substitution: /cert 1-ficate 4 0 9 (and 
hence- the delegate' seiauthority)^ ;ls, .valid.. The primary 
user ^may tidentif y Imul t iple - individuals.,: any one of whom 
-can- -authorize :, the.>5mart card, -or,. a-^group of individuals 
ofi^whom multiple^ ones', -must jointly -authorize thej smart 
card-/ -The -antecedents" :6f such .methods ;are; discussed in 
U.S. r Patent* -Nofc -4^, 868>i8:7;7,: 5 ,005 ; 200;- and 5,214,702 by 
Addison- Fischer :.r<i?ss ± L&~:.\ .-"-t.o 1 , v^-v 

1 . r.As ; - shown— am -Figure^ 2-5",* ^when.: air .delegate wants to 
sign - a - documeh-tyj-^b^ oil- behalf : of ~ theoprimary us'er, the 
* de 1 e dp a t e . v-4 OX - ^p;x- Bp-acr e : s : r arid -signs " a; ^ . r e.gue st 405 in a 
^specified- f oirmat ^t'^-tee communicated -to :the;vprimary user's 
card— 407; * A'ttached to, ;:: or otherwise .j.inqluded in the 
message 7 - is' the substitution -certlficte.* 4.0.9 If multiple 
delegates "need- to authorize* -the; primary user' s card, they 
may— sequentially*^ sign'.lthe: request in- ~a : ; similar manner to 
the : - way- multiple ■.authorizing-:./ agents . .sign a request 
: submit'ted t 'td '--a* sighing -device .as discussed above. Upon 
receipt "of-'the' signature request., . the. .primary user's card 
w'ill -'verify" that ~ - : £he; 7*requestlng user's signature (s) 



match(es) : the : public key(s): ..that were originally 
specified- in the substitution . .certificate, apply the 
primary user's signature 419, /and forward the signed 
document- ' on" to* a signing device 421 (or other 
destination) ' in- the 'usual ' mahner^ -:* 

' THe ■primary'- user' s 1 sm&rt card : 4 07- .may be given 
physically to a delegate. The presence-. ;of a time limit 
for the delegate ' s authority r; provide • a : "time lock" so 
thit delegates' can r onXy Use- the primary .'user ' s smart card 
diiring a lifif'ted period. ' As -discussed afcpve, the primary 
: user' s 'authority is ' "also ^ limited ; tcx* a : fixed time period. 
Tlies^' ^limits reduce—the consequences of th.eft, and allow 
pVimkry' users ; ahd r delegat'te^ to 3 store the primary user' s 
Hird ; in' a 1 rfelatively^ non-secur^.. off±cev environment. 
After the-'time p'eribd^Saa expired;-, thef smart card would 
s not bk 1 virlneraLbl^-Tib - any v key -guessing attacks . (In fact , 
" it Would :j be imtouhfe ftfdm ^ttacJc-'even.-. if • Jthe primary user 
l>-r Er fre legate had wri^'t'ett his/her. pin directly onto the 

"• : ~ L Additional ; prot^bt^^ ragaizist/ ~33?rss or physical 
attaek' cfan be^acftiev^ fey placing^ the snvart card into a 
' vatult a or J ot her- locked er*v^©nment,j i and., inserting the card 
r into' 'r^' caitf ^- rea^e^-^where ; ^it ,s q. c.an t be accessed 
1 : e\ectrbnie¥lly^ -this manner, all 

'"the 'ac't'i-bnS " : desdri%'edr:^bove:vmay be ; v qarried out-.,-: but no 
bne wilri' hsH^e -pH^ card, 
u por * • • • exampllr s - a « f . ^'-^rimary l: user : might be a 
:: vic£-presiderit in ; bha-rge- T 'of "purchasing/ .- who wishes to 
^delegate '•■'■his* specif ifc" - ( ■ signature ;._aut.hority to his 
: i^Sr'etary : whil ; e'-'he ; * travels to ^negotiate : a pending deal.' 
The* -substitution cerfci fixate might :,sip^cify that his smart 
•'csard -iW to is£ue * the : - vi£e Ipre'sidentr'-S; .signature only upon 
receipt of a *' signature -requests signed by: (a) the 
'secretary , ^as" desi^natj&d:byi>his substitution certificate ; 
-'""and" ; tb) -'co-sighed -by any:/ other- '.person with.- primary 
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signing authority in the. purchasing department. The 
vice-president places his card in a card reader in a 
locked vault and leaves. ; . 

To .obtain: the yd ce- president 's. . signature, the 
secretary would prepare £ the,, document to . be signed and 
-compute its associated .^hash-,. : using her desk- top computer 
terminal.* -She: would: then sign .-.the., hash, attach the 
vice-president' s. publ-ic key , rcertif icate, the final 
recipient, will: ne.ed.. it and^then .send them ,in a message to 
^another purchasing . agent ... . .The other, purchasing agent 
Jeo- signs:-; the :- same; -.hash . and - attaches . his public key 
certificate,- valqng ,w^th -.his authorization certificate 
: which grants - him-, rhis purchasing, authority . The other 
purchasing , agent , sends ■ . them in. a message to - the 
: vice-president' s smart -card through a local area network. 
-Given -that the=. v vice -pre si^ent/^,., card ..also contains 
trusted r ^copies.-,;.' of the public .-keys _ of .the certifying 
>authoritiesfwhich qxea.,t.ecL these certificates, such as the 
SWA, the vice-president's card determines that the 
signatures fand ce.rttifji^ates are all valid and affixes the 
'•vice-president is signature^ to.- the. document . The card 
-might'-aalsor .requests '-that , all ;> these . .certificates be 
accompanied byr ^recen^lya-signed - CRL', s ©^.certificates of 
• good- ^standing, f rom a^localiy., recognized^ CRL handler . 
L ■ .- ::.This delegat:ionbsmechanism n •takes .^advantage of an 
f abiaitycto.r.e-.-prog^am3the-,.pr.imary u^er.' s ...smart card. The 
primary user,':s. .smart card r iSjt.rust.ed-- device having known 
- security t characteristics^ -one ; - ,o£ r which must be a 
" ■ capability: f; to engage. >; in a sequre ..^ download of new 
instructions (e,g...,-:;. substdtut ion. ? certificates ) , as 
described for .s example - in- -co -pending U.S. patent 
: -applications ;08./>81 ;.859 ; ;and : 08/272 ,.2.03 . CSudia key escrow 
parent and-. Sudia -key escrow ,CIP). . : .. ■ . . ,- 

- -The : f or'egbing- r,.-.-: delegat ion. : r . .jme.chanism may be 
generalized- rsuch- that many -high- value^ end-user . digital 
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signature keys are in fact generated and used within 
tamper resistant, secure modules (TRSMs) that are stored 
inside secure vaults - or* data .centers, while the 
authorization; for such signatures -comes from signature 
request messages signed by approved users -who are given 
' unofficial * ('time locked) \smart . cards: to carry around with 
them. These TRSMs would remain .secure against tampering, 
to prevent- &ny.^ "data: .center j personnel from ever having 
access ' 1 16 - 1 usiei:. oprivate ?keys , , but* could, be designed to 
contain' -the keys of raan^ different ..users, .each of; which 
might be authorized to act bas^d. . - on ; , some single 
rion- official signature;, or^ some prearranged combination 
of signatures- and^ authorizations.^ . 

Another use for the delegation mechanism, apart from 
simple-" -delegation frbtn;::US.er;S "on temporary leaves of 
absence , wcaild be ^ system:; .....or - method whereby such a 
-p : rograinma;t*ic ^signature ~reque:St, :v*0uld, be made to a card 
Mor- to'ia key. contained:? wrtfc a common*. TRSM^ to perform the 
* signature' af"^a. .maj-or •Jidesk^:; cor... ; other : -;. role within a 
f i'nailcial -or corporate ^environment - ; ■:>:,: 
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WHAT" IS CLAIMED IS: 

:1. A. digital i signing method comprising steps of: 

generating shares of a private signature key; 

storing: shares in-, separate electronic signing 
devices; ..a - i . .1 . . 

certifying^ multiple . authorizing agents for signing 
devices'; ' and ; * .;.*:; 

- :. tor each, of :a plurality of signing devices, affixing 
a partial .signature-to .an ielectronicrinessage in response 
to authorization from :a minimum „? number ; of authorizing 
agfentsv'-. "* -' ,z ; * . ~.i ^ ./v *: 

r-.'. .---wherein'o-. a; . plurality, J.Qfz^. partial signatures 
constitutes aiidigital: signature,;*.- ^ - 

i- '*' r "2.. A system r-cfor affixing^: digital , signatures to 
electronic documents comprising: 5 
- v a- plurality eof ^intercommunicatd-ve. ..signing devices, 
each —signing ^device': ^comprising-, an.;- ^electronic device 
programmed- to receive ran -electronic document and to affix 
a partial signatures 1 using : a: ■ signature ; : key sthare in 
response to a predetermined number of authorizations; and 
a plurality of authorizing agents, each agent 
communicative with an associated signing device, each 
anent comprising an electronic device programmed to 
provide an authorization to an associated signing device. 

3 . A system of interlocked rings of signing 
devices for affixing digital signatures to electronic 
documents comprising : 

a first set of signing devices, said first set 
comprising a plurality of electronic devices, each device 
programmed to receive an electronic document and affix a 
partial signature for a first signature key, a plurality 
of said partial signatures comprising a first digital 
signature ; 



r 
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a second set Jof signing devices, said second set 
comprising a plurality of electronic devices, each device 
programmed to receive an electronic document and. affix a 
partial signature for a second signature key, a plurality 
of said partial signatures comprising a second digital 

signature; * r * 1 • ; 

. \ * *"* 

wherein said first ' includes l^ast bne member 

which is not in said second set, and said first and 

second ^sets-"inciude -at -least- one common -member-- — - T 



. 2.0. 



4. An elecirdn& method Of orudeiegat%d r use of an 
electronic key comprising steps pfr* } .^^^ r.j re- 
storing said key in a first elpptron ; ic device^ 
... — communicating" an'-eieet-ronic- delegation certificate 
to a delegate; , , m _ .. 

..... sending- a- request ..and.- the ..delegation ...certificate 
from the delegate VcWh£' 3 fci£st ^ifectrohic^-^devicei; afnd 

- - us itig 'said - * i rrstr""e~lectronic - - device- - tcr- • -us^ the 

electronic key in response to the request and the 
,.del^g^.t n iori^ QRrtiJ4.c^e 3 . ; _ _ __^L_ 
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